Senior Vulnerability Management Specialist

Remote • Posted 1 day ago • Updated 6 hours ago
Contract W2
Contract Independent
Contract Corp To Corp
24 Months
No Travel Required
Able to Sponsor
Remote
Depends on Experience
Fitment

Dice Job Match Score™

👤 Reviewing your profile...

Job Details

Skills

  • Agile Management
  • CISM
  • Cloud Security
  • Information Security
  • OWASP
  • Risk Management Framework
  • Security Analysis

Summary

Senior Vulnerability Management Specialist

Location: Remote


Job Summary


STAFFXPERT LLC is seeking a Senior Vulnerability Management Specialist on behalf of our client in a Remote location. This position is ideal for an experienced cybersecurity professional with a strong background in enterprise vulnerability management, federal cybersecurity frameworks, cloud security, and governance, risk, and compliance (GRC). The successful candidate will play a key role in strengthening the organization''s security posture by leading vulnerability assessments, driving remediation efforts, supporting compliance initiatives, and collaborating with cross-functional stakeholders to ensure continuous improvement of enterprise security programs.


Key Responsibilities
  • Lead and manage enterprise vulnerability management activities in accordance with industry and federal cybersecurity standards.
  • Conduct vulnerability assessments across on-premises systems, cloud environments, containerized workloads, and Infrastructure-as-Code (IaC) deployments.
  • Track security findings through remediation, validation, and closure while maintaining accurate documentation.
  • Develop and manage Plans of Action and Milestones (POA&Ms) using CSAM or comparable Governance, Risk, and Compliance (GRC) platforms.
  • Integrate vulnerability data with SIEM and IT service management platforms to streamline remediation workflows.
  • Assess CI/CD pipeline security and implement policy-as-code practices to identify vulnerabilities early in the software development lifecycle.
  • Apply NIST Risk Management Framework (RMF) and security controls to support risk assessments, compliance initiatives, and continuous monitoring.
  • Support internal and external security audits by preparing documentation, evidence, and remediation plans.
  • Develop and maintain security documentation, including standard operating procedures, implementation guides, playbooks, policies, and risk reports.
  • Present technical findings and risk recommendations to both technical teams and executive leadership.
  • Collaborate with cross-functional teams to ensure timely resolution of identified security risks.
Required Qualifications
  • Bachelor''s degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related technical discipline.
  • 6+ years of experience in cybersecurity, vulnerability management, information security, or a related field.
  • Strong experience with enterprise vulnerability management programs and security assessment processes.
  • Hands-on experience performing vulnerability assessments across cloud, containerized, and traditional infrastructure environments.
  • Experience managing remediation efforts and POA&Ms using CSAM or comparable GRC platforms.
  • Working knowledge of NIST Risk Management Framework (RMF), NIST SP 800-53 Security Controls, and Information Security Continuous Monitoring practices.
  • Experience supporting compliance initiatives and security audits.
  • Familiarity with CI/CD security, Infrastructure-as-Code (IaC), and policy-as-code implementations.
  • Experience integrating vulnerability management tools with SIEM and IT service management platforms such as ServiceNow.
  • Strong analytical, organizational, and problem-solving skills.
  • Excellent written and verbal communication skills with the ability to communicate effectively with both technical and business stakeholders.

Preferred Qualifications
  • Experience with vulnerability management and security tools such as Tenable Nessus, Splunk, and Governance, Risk & Compliance (GRC) platforms.
  • Familiarity with OWASP security principles and cloud-native security practices.
  • Experience using Microsoft Power BI, Microsoft Teams, and SharePoint.
  • Knowledge of Agile project management methodologies.
  • Professional cybersecurity certifications such as Certified Information Security Manager (CISM), CompTIA Security+, or other relevant industry certifications.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 91172109
  • Position Id: JRQ-2370
  • Posted 1 day ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote or Minnesota

Today

Full-time

USD 143,200.00 - 196,900.00 per year

Remote

2d ago

Easy Apply

Contract

Up to $92.3

Remote

2d ago

Easy Apply

Full-time

$118,000 - $130,000

Remote

Today

Full-time

Search all similar jobs