Job Details
Title: Cyber Command Vulnerability Management Specialist III
Location: Brooklyn, NY
Duration: 2 Years
Work Schedule: Hybrid (3 Days Onsite / 2 Days Remote)
Position Overview:
A major government cybersecurity program is seeking a Vulnerability Management Specialist to serve as a Subject Matter Expert (SME) in vulnerability management. The specialist will be responsible for leading vulnerability scanning, assessment, mitigation planning, and risk communication activities using Rapid7 and other industry-standard tools.
Key Responsibilities:
Research, analyze, and brief internal teams on cybersecurity risks, CVEs, CVSS scores, vector strings, NVD, MITRE ATT&CK, attack vectors, and mitigation strategies.
Design, architect, and build Rapid7 vulnerability management scanning infrastructure and tools.
Configure, manage, and execute vulnerability scans using Rapid7 across various networks.
Analyze scan results and generate reports and dashboards to prioritize and assess risk accurately.
Evaluate vulnerabilities and threat intelligence to develop and implement mitigation strategies.
Deliver concise technical briefings and risk assessments to technical teams and stakeholders.
Develop automation scripts in Python, PowerShell, or other scripting languages to streamline vulnerability detection, tracking, and reporting.
Generate detailed vulnerability reports and dashboards using Rapid7, Excel, and PowerPoint.
Travel within NYC for project-related tasks when required.
Mandatory Skills & Experience:
Candidates who do not meet all mandatory qualifications will not be considered.
Minimum 8 years of cybersecurity experience, particularly in vulnerability management, attack surface assessment, and remediation.
Extensive hands-on experience with Rapid7, including architecture, scanning configuration, dashboard/report creation, and in-depth analysis.
Strong understanding of CVEs, CVSS, NVD, MITRE ATT&CK, attack vectors, and mitigation practices.
Demonstrated ability to evaluate security vulnerabilities, determine business risk, and implement remediation strategies.
Experience conducting technical research on vulnerabilities and summarizing findings for technical and non-technical audiences.
Proficiency in scripting (Python, PowerShell) for automation of vulnerability-related tasks.
Strong Excel skills including use of VLOOKUP, pivot tables, and other data analysis functions.
Experience creating reports and visualizations using Tableau.
Excellent communication skills, both oral and written, for briefing technical teams and stakeholders.
Proven ability to work collaboratively with technical teams and agencies to improve overall cybersecurity posture.
Understanding of current threat landscapes including TTPs (Tactics, Techniques, and Procedures).
In-depth knowledge of network security technologies such as firewalls, intrusion detection systems, DMZ, VPN, DNS, SMTP, and proxies.
Experience with various operating systems and platforms including Windows, Linux, VMware, and mobile (Android/iOS).
Solid understanding of encryption, encoding, hashing, and public-key cryptography.
Familiarity with cybersecurity standards and best practices such as NIST, CIS, and vendor-specific practices from Cisco, Juniper, Palo Alto, Fortinet, Microsoft, etc.
Experience analyzing and developing cybersecurity policies, plans, and procedures.
Hands-on experience managing Windows and Linux servers in enterprise environments.
Excellent organizational, analytical, and problem-solving skills.
Preferred Certifications (One or more strongly preferred):
CISSP: Certified Information Systems Security Professional
GSEC: Security Essentials Certification
GCIA: Certified Intrusion Analyst
GCIH: Certified Incident Handler
CEH: Certified Ethical Hacker
CWAPT: Certified Web Application Penetration Tester