Summary Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring) Oakton, VA Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you ...
Summary Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring) Oakton, VA Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you ...
Vulnerability Management Analyst- Secret Clearance Required
Springfield, VA · On-site
$90K - $125K/yr
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
Vulnerability Management Analyst- Secret Clearance Required
Springfield, VA · On-site
$90K - $125K/yr
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
Vulnerability Management Analyst- Secret Clearance Required
Springfield, VA · On-site
$90K - $125K/yr
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
Vulnerability Management Analyst- Secret Clearance Required
Springfield, VA · On-site
$90K - $125K/yr
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
Vulnerability Management Analyst- Secret Clearance Required
Springfield, VA · On-site
$90K - $125K/yr
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
Vulnerability Management Analyst- Secret Clearance Required
Springfield, VA · On-site
$90K - $125K/yr
US Citizenship required Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and ...
You have exposure to Cybersecurity and are well-versed with Vulnerability Management Lifecycle - asset discovery, internal/external scans, contextualization and risk-based assessment, triaging of ...
You have exposure to Cybersecurity and are well-versed with Vulnerability Management Lifecycle - asset discovery, internal/external scans, contextualization and risk-based assessment, triaging of ...
As a Risk and Vulnerability Analyst II, you will manage vulnerability scanning processes and ensure compliance with federal standards while providing accurate risk assessments to security teams and ...
As a Risk and Vulnerability Analyst II, you will manage vulnerability scanning processes and ensure compliance with federal standards while providing accurate risk assessments to security teams and ...
You have exposure to Cybersecurity and are well-versed with Vulnerability Management Lifecycle - asset discovery, internal/external scans, contextualization and risk-based assessment, triaging of ...
You have exposure to Cybersecurity and are well-versed with Vulnerability Management Lifecycle - asset discovery, internal/external scans, contextualization and risk-based assessment, triaging of ...
AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer ...
AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer ...
Senior Security Vulnerability Analyst
Washington, DC · On-site
$55 - $65/hr
Experience building consensus around vulnerability management policies and procedures. * Experience conducting security gap analyses to identify potential vulnerabilities in Board systems and ...
Quick apply
Senior Security Vulnerability Analyst
Washington, DC · On-site
$55 - $65/hr
Experience building consensus around vulnerability management policies and procedures. * Experience conducting security gap analyses to identify potential vulnerabilities in Board systems and ...
AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer ...
AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer ...
Title Vulnerability Management Lead Full-Time/Part-Time Full-Time Description RiVidium is seeking a Vulnerability Management Lead to support our planned MODES III team supporting Military Community ...
Title Vulnerability Management Lead Full-Time/Part-Time Full-Time Description RiVidium is seeking a Vulnerability Management Lead to support our planned MODES III team supporting Military Community ...
AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer ...
AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer ...
You'll partner with vulnerability management, cyber architecture and engineering, hosting, network services, business information security officers, technical risk officers, product owners, and ...
You'll partner with vulnerability management, cyber architecture and engineering, hosting, network services, business information security officers, technical risk officers, product owners, and ...
Vulnerability Manager
Alexandria, VA · On-site +1
Coordinate remediation with system owners, IT operations, and patch management teams. * Manage ... Performing vulnerability scans with tools such as Tenable, Qualys, Burpsuite. * Deep familiarity ...
New
Vulnerability Manager
Alexandria, VA · On-site +1
Coordinate remediation with system owners, IT operations, and patch management teams. * Manage ... Performing vulnerability scans with tools such as Tenable, Qualys, Burpsuite. * Deep familiarity ...
New
Vulnerability Manager
Alexandria, VA · On-site +1
Coordinate remediation with system owners, IT operations, and patch management teams. * Manage ... Performing vulnerability scans with tools such as Tenable, Qualys, Burpsuite. * Deep familiarity ...
New
Quick apply
Vulnerability Manager
Alexandria, VA · On-site +1
Coordinate remediation with system owners, IT operations, and patch management teams. * Manage ... Performing vulnerability scans with tools such as Tenable, Qualys, Burpsuite. * Deep familiarity ...
New
Vulnerability Manager
Alexandria, VA · On-site
Coordinate remediation with system owners, IT operations, and patch management teams. * Manage ... Performing vulnerability scans with tools such as Tenable, Qualys, Burpsuite. * Deep familiarity ...
New
Vulnerability Manager
Alexandria, VA · On-site
Coordinate remediation with system owners, IT operations, and patch management teams. * Manage ... Performing vulnerability scans with tools such as Tenable, Qualys, Burpsuite. * Deep familiarity ...
New
You'll partner with vulnerability management, cyber architecture and engineering, hosting, network services, business information security officers, technical risk officers, product owners, and ...
You'll partner with vulnerability management, cyber architecture and engineering, hosting, network services, business information security officers, technical risk officers, product owners, and ...
Execute Information Security Vulnerability Management (ISVM) scans and ensure results align with compliance requirements and program reporting standards * Conduct API discovery and scanning to ...
Quick apply
Execute Information Security Vulnerability Management (ISVM) scans and ensure results align with compliance requirements and program reporting standards * Conduct API discovery and scanning to ...
Information Security Analyst IV / Security Engineer Vulnerability Management
Washington, DC · On-site
Information Security Analyst IV / Security Engineer Vulnerability Management Location: Washington, DC (100% Onsite) Duration: Long-Term Contract We are seeking an experienced Information Security ...
New
Information Security Analyst IV / Security Engineer Vulnerability Management
Washington, DC · On-site
Information Security Analyst IV / Security Engineer Vulnerability Management Location: Washington, DC (100% Onsite) Duration: Long-Term Contract We are seeking an experienced Information Security ...
New
Vulnerability Management information
What are the common challenges faced in a Vulnerability Management role?
Professionals in Vulnerability Management often encounter challenges such as rapidly evolving threat landscapes, prioritizing remediation efforts among numerous vulnerabilities, and ensuring continuous communication between technical and non-technical stakeholders. They may also need to adapt to changing regulatory requirements and work within tight deadlines to protect the organization from emerging risks. As part of this role, you'll collaborate regularly with IT, security, and business teams to ensure remediation steps are effectively implemented. Continuous learning and adaptability are important, as technologies and attack vectors change frequently in this field. Being proactive and detail-oriented will help you address these challenges and advance your career in cybersecurity.
What are the key skills and qualifications needed to thrive in the Vulnerability Management position, and why are they important?
To thrive in Vulnerability Management, you need a strong understanding of cybersecurity principles, network protocols, and risk assessment, typically supported by a relevant degree and experience in information security. Familiarity with vulnerability scanning tools (such as Nessus or Qualys), security frameworks, and industry certifications like CISSP or CompTIA Security+ is highly valued. Exceptional analytical thinking, communication skills, and an ability to work collaboratively across IT and business teams help professionals excel in this field. These competencies are crucial to effectively identifying, prioritizing, and mitigating security risks in dynamic organizational environments.
What is a Vulnerability Management job?
A Vulnerability Management job involves identifying, assessing, prioritizing, and mitigating security vulnerabilities in an organization's systems, networks, and applications. Professionals in this role use tools like vulnerability scanners and threat intelligence to detect weaknesses and coordinate remediation efforts with IT and security teams. They also establish policies, monitor security risks, and ensure compliance with industry standards. The goal is to reduce the organization's exposure to cyber threats and improve overall security posture.

Full-time
Re-posted 8 days ago
Job description
Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring)
Oakton, VA
Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level! 
SecuriGence delivers essential technology services supporting critical national security missions. We are seeking a Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring) to support Department of Defense (DoD) cybersecurity operations by executing vulnerability management, security compliance, and Continuous Monitoring (ConMon) activities in accordance with the Risk Management Framework (RMF). This role is responsible for identifying, assessing, prioritizing, and tracking vulnerabilities using enterprise tools, ensuring compliance with Security Technical Implementation Guides (STIGs), and responding to Information Assurance Vulnerability Alerts (IAVAs).
Responsibilities
- Vulnerability Management
- Perform vulnerability scanning using Assured Compliance Assessment Solution (ACAS) (e.g., Tenable.sc / Nessus).
- Enforcing the ACAS best practice guide requirements when performing vulnerability scans in ACAS
- Analyze scan results to identify vulnerabilities, misconfigurations, and compliance gaps.
- Validate findings against the latest released DISA STIGs and applicable security baselines.
- Review of provided checklists and working with system admins in identifying gaps for POA&M creation.
- Assess and track vulnerabilities in accordance with DoD timelines and risk severity.
- Correlate vulnerabilities with IAVA/IAVM notices and ensure timely remediation or mitigation.
- Develop and maintain Plan of Action and Milestones (POA&M) documentation.
- Maintenance of Risk Acceptance (RA) POA&M items within SOR (System of Record) and coordinating with System administrators to validate that RA is required instead of a POA&M.
- STIG Compliance & Hardening
- Apply and validate Security Technical Implementation Guides (STIGs) across operating systems, applications, and network devices.
- Conduct manual and automated STIG compliance checks using tools such as ACAS Audit checks, STIG Viewer, SCAP Compliance Checker (SCC), and Evaluate-STIG.
- Document compliance status and provide remediation guidance to system administrators.
- Support system hardening efforts aligned with DoD baseline configurations.
- Ensure that golden images are maintained for Servers (RHEL and Windows) and Workstations following STIG guidance.
- IAVA/IAVM Management
- Monitor and assess Information Assurance Vulnerability Alerts (IAVAs) and Bulletins (IAVBs).
- Determine system applicability and operational impact.
- Coordinate remediation actions and track compliance deadlines.
- Maintain IAVA compliance reporting and documentation for audits.
- Continuous Monitoring (ConMon)
- Execute Continuous Monitoring activities in accordance with RMF Step 6.
- Monitor security controls for effectiveness and ongoing compliance.
- Conduct control assessments and assist with periodic security reviews.
- Support automated and manual data collection for ConMon dashboards and reporting.
- Identify trends, recurring issues, and systemic risks across systems.
- RMF & Compliance Support
- Support RMF activities across all six steps, with emphasis on:
- Control implementation validation
- Security control assessment support
- Ongoing authorization (ATO sustainment)
- Update and maintain RMF artifacts, including:
- System Security Plan (SSP)
- Security Assessment Report (SAR)
- Plan of Action and Milestones (POA&M)
- Security Assessment Plan (SAP)
- Map vulnerabilities and findings to NIST SP 800-53 controls.
- Reporting & Documentation
- Generate vulnerability and compliance reports for leadership and Authorizing Officials (AOs).
- Provide risk-based recommendations and remediation strategies.
- Maintain audit-ready documentation in accordance with DoD and agency requirements
- Other duties as assigned
Qualifications
- High school diploma or GED equivalent
- 5+ years of experience in DoD cybersecurity or RMF-based environments
- Hands-on experience with:
- ACAS (Nessus / Tenable.sc)
- STIG implementation and validation
- IAVA/IAVM processes
- Experience with vulnerability assessment, risk analysis, and remediation tracking.
- DoD 8570/8140 Compliance: Must meet IAT Level II requirements (e.g., Security+)
- Active DoD Top Secret clearance with SCI eligibility.
Knowledge, Skills, and Abilities:
- Strong understanding of:
- DoD RMF (DoDI 8510.01)
- NIST SP 800-53 security controls
- Ability to manage multiple systems and priorities in a regulated environment
- Strong analytical and problem-solving skills
- Attention to detail and compliance rigor
- Ability to translate technical risk into mission impact
- Effective communication with technical and non-technical stakeholders
- Relevant certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH) or equivalent
- DISA ACAS Training Certificate
- Experience with:
- ACAS
- SCAP Compliance Checker (SCC) / Evaluate-STIG
- STIG Viewer
- eMASS, Xacta
- Trellix, MDE
- Splunk, Elastic
- Familiarity with scripting (e.g., PowerShell, Python) for automation.
- Experience in enterprise-level ConMon programs or NOSC/SOC environments.
How you’ll grow 
At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. 
We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers. 
Benefits 
At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits. 
Learn more about what working at Chenega MIOS can mean for you. 
Chenega MIOS’s culture 
Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives. 
Corporate citizenship 
Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. 
Learn more about Chenega’s impact on the world. 
Chenega MIOS News- https://chenegamios.com/news/ 
Tips from your Talent Acquisition Team 
We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links: 
Chenega MIOS web site - www.chenegamios.com 
Glassdoor - https://www.glassdoor.com/Overview/Working-at-Chenega-MIOS-EI_IE369514.11,23.htm 
LinkedIn - https://www.linkedin.com/company/1472684/ 
Facebook - https://www.facebook.com/chenegamios/
Estimated Salary/Wage
USD $120,000.00/Yr. Up to USD $184,000.00/Yr.
About SecuriGence
Sourced by ZipRecruiter
Industry
It services
Company size
11 - 50 Employees
Headquarters location
Leesburg, VA, US
Year founded
2010