Vulnerability Management Specialist II 
Duties and Responsibilities:  

• Support scan scheduling, scan result analysis, and basic remediation coordination. Maintains scan tools and works under guidance of senior team members. 

• Assist in scheduling and executing vulnerability scans using tools such as Nessus, Tenable, or other approved platforms. 

• Analyze scan results and support remediation tracking efforts. 

• Maintain scanning tools and ensure proper configuration and operation. 

• Perform data entry and generate reports using Excel and other reporting tools. 

• Coordinate with stakeholders to support remediation activities and ensure timely resolution. 

• Contribute to audit responses and documentation efforts as directed by senior staff. 

• Stay current with emerging threats, vulnerabilities, and mitigation strategies. 

• Other duties as assigned. 

 
Minimum Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field.  

• 3+ years of experience in vulnerability tracking and reporting, with 2+ years in IT or cybersecurity roles. 

• Certifications: Security + preferred. 

• Exposure to DoD cybersecurity frameworks and RMF processes preferred. 

• Experience supporting POA&M documentation and audit preparation preferred. 

• Must have active Top Secret Clearance with SCI eligibility. 

 
Knowledge, Skills and Abilities:  

• Familiarity with vulnerability scanning tools such as Nessus, Tenable, or ACAS. 

• Basic understanding of IT systems, including Windows and Linux environments. 

• Experience with Excel for reporting and data analysis. 

• Knowledge of STIGs and SCAP tools is a plus. 

• Skilled in organizing and tracking remediation efforts. 

• Capable of maintaining accurate records and supporting compliance documentation. 

• Ability to meet minimum clearance requirements. 

• Ability to work nights, weekends, and holidays as required. 

• Ability to travel up to 10%. 

Vulnerability Management Specialist III 
Duties and Responsibilities:  

• Conduct vulnerability scans using tools such as ACAS, Tenable, and SCAP-compliant tools. 

• Track and assess vulnerabilities, correlating findings with system inventories and mission relevance. 

• Support remediation efforts by coordinating with system owners and IT teams. 

• Prepare summary reports, trend analyses, and dashboard metrics for leadership and audit purposes. 

• Assist in mapping vulnerabilities to STIG compliance, risk scores, and POA&M entries. 

• Contribute to audit responses and ensure documentation aligns with DoD cybersecurity requirements. 

• Stay current with emerging threats, vulnerabilities, and mitigation strategies. 

• Other duties as assigned. 

 
Minimum Qualifications:

• Bachelor’s degree in computer science, Information Systems or related field.  

• 5+ years of experience in vulnerability management with 5-7 years in cybersecurity or IT operations. 

• Proficient in Tenable/Nessus, Qualys, ACAS. 

• Familiarity with DoD STIGs, DISA SCAP tools, and vulnerability management frameworks. 

• Certifications: Security + or equivalent 

• Must have active Top Secret Clearance with SCI eligibility. 

 
Knowledge, Skills and Abilities:  

• Excellent communication, leadership, and project management skills. 

• Proficiency with ASAS, Tenable/Nessus, and SCAP tools. 

• Exposure to RMF processes and DoD cybersecurity directives preferred. 

• Familiarity with HBSS/ESS and enterprise security tools preferred. 

• Experience with Windows/Linux system hardening and STIG implementation. 

• Understanding of vulnerability scoring systems (e.g., CVSS) and risk prioritization. 

• Familiarity with POA&M documentation and audit preparation. 

• Ability to interpret scan results and correlate with system configurations. 

• Skilled in tracking remediation progress and identifying trends. 

• Capable of supporting compliance efforts and generating actionable metrics. 

• Strong technical writing skills for reports and summaries. 

• Effective communicator with cross-functional teams and leadership. 

• Experience in supporting audit and compliance documentation. 

• Ability to work both independently and within a team. 

• Ability to meet minimum clearance requirements. 

• Ability to work nights, weekends, and holidays as required. 

• Ability to travel up to 10%.