Vulnerability Management Lead

Hybrid in Washington D.C., DC, US • Posted 1 day ago • Updated 1 day ago
Full Time
Hybrid
Depends on Experience
Fitment

Dice Job Match Score™

👾 Reticulating splines...

Job Details

Skills

  • Vulnerability

Summary

Certifications : Either 1 or 2 prefered

  • Rapid7 Certified Administrator (InsightVM) or equivalent
  • GIAC Vulnerability Analyst (GEVA) or GPEN
  • CompTIA Security+ / CySA+ or equivalent
  • CISSP or CISM (senior-level certifications acceptable)
  • CEH (Certified Ethical Hacker)
  • Any relevant cybersecurity certification demonstrating vulnerability management expertise\

The Vulnerability Management Lead shall be responsible for coordinating enterprise vulnerability management activities, including tracking, remediation support, reporting, and trend analysis. This role ensures integration of vulnerability management into overall risk and compliance functions and supports enterprise-wide security operations.

Key Responsibilities

  • Manage enterprise vulnerability management (VM) program using Rapid7 InsightVM as the primary scanning tool
  • Coordinate application security findings from tools such as Veracode (SAST/DAST) and integrate them into VM workflows
  • Integrate vulnerability findings into Jira for ticketing, tracking, and POA&M management (e.g., Xacta)
  • Produce periodic vulnerability management reports including trends, severity, aging, remediation status, and risk recommendations
  • Coordinate remediation activities with system owners and IT teams
  • Support executive-level reporting and vulnerability trend analysis
  • Ensure alignment with NIST vulnerability management guidance and federal compliance requirements

Required Qualifications & Experience

  • Demonstrated experience managing enterprise vulnerability management programs
  • Hands-on experience with Rapid7 InsightVM (configuration, scanning, reporting, dashboards)
  • Experience integrating vulnerability data with SIEM tools (e.g., Splunk) for correlation and alerting
  • Experience with Veracode SAST/DAST integration into security workflows
  • Experience tracking vulnerabilities in Jira and managing POA&M updates in Xacta or similar GRC tools
  • Strong understanding of vulnerability remediation lifecycle and SLA management (critical/high/medium/low timelines)
  • Experience working in federal/FISMA environments (large-scale environments preferred, e.g., 1,500+ servers, ~18+ systems)
  • Familiarity with Continuous Diagnostics and Mitigation (CDM) programs
  • Prior experience as a VM lead or similar cybersecurity leadership role
  • Experience with SCR-related vulnerability assessments (as applicable to program scope)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10448332
  • Position Id: 9018514
  • Posted 1 day ago
Contact the job poster
RR

Ranadheer Reddy

Recruiter @ Delviom LLC
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Washington, District of Columbia

Today

Easy Apply

Contract

$60 - $63

Washington, District of Columbia

Today

Full-time

USD 39.00 - 75.00 per hour

Hybrid in Reston, Virginia

Today

Easy Apply

Full-time

Depends on Experience

Arlington, Virginia

Today

Full-time

Compensation information provided in the description

Search all similar jobs