The Enterprise Vulnerability Management Lead SME serves as the principal authority for vulnerability lifecycle management across WDP's classified and unclassified enterprise environments, directing end-to-end remediation coordination, POA&M governance, and risk acceptance activities that sustain continuous authorization posture across NIPRNet, SIPRNet, and JWICS. This is a senior subject matter expert role demanding deep expertise in enterprise vulnerability operations, DoW Risk Management Framework execution, and Authorizing Official-level reporting, with direct responsibility for protecting mission-critical AI and data platform capabilities supporting warfighter decision-making at the highest levels of DoW leadership.
• Leads coordinated vulnerability management operations supporting Department of War mission systems across unclassified and classified networks.
• Directs enterprise vulnerability lifecycle activities including scan result validation, risk triage, remediation coordination, and continuous tracking of findings affecting operating systems, applications, databases, and network devices.
• Analyzes vulnerability data generated by ACAS, endpoint security platforms, and cloud security tooling to distinguish true risk conditions from false positives and environmental artifacts.
• Develops prioritized remediation strategies aligned to mission impact, threat severity, and authorization timelines while coordinating corrective actions with system owners, platform engineers, and cybersecurity teams.
• Maintains authoritative vulnerability records and remediation status within POA&M repositories, continuous monitoring dashboards, and authorization artifacts supporting Risk Management Framework execution.
• Supports deviation requests and risk acceptance actions through defensible technical analysis and documented mitigation strategies.
• Produces vulnerability trend reports, remediation performance metrics, and executive summaries for cybersecurity leadership and Authorizing Officials using ServiceNow, SharePoint, and reporting platforms.
• Guides junior analysts through standardized workflows for scan validation, POA&M updates, and stakeholder coordination while maintaining consistency and data integrity.
• Enables sustained authorization posture, reduced exposure windows, and improved cyber hygiene across enterprise environments while reinforcing program values of accountability, operational readiness, transparency, and disciplined risk management.
• Performs other duties as assigned.
• Current Secret security clearance.
• 12+ years of experience in enterprise vulnerability management, cybersecurity operations, or a closely related discipline, with demonstrated senior subject matter expert-level ownership of vulnerability lifecycle operations across complex federal, DoW, or enterprise classified network and cloud environments.
• IAM Level I certification from an approved credential, including CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Demonstrated hands-on expertise directing enterprise-scale vulnerability management programs using ACAS or Nessus, with applied experience managing POA&M portfolios, producing Authorizing Official-level risk reporting, and leading remediation coordination across diverse system owner communities in support of continuous authorization under NIST 800-53 and DoW RMF requirements.
• Proven experience supporting DoW or federal Risk Management Framework processes, including preparation and maintenance of Body-of-Evidence packages, deviation and risk acceptance documentation, and continuous monitoring artifacts in Government-approved systems such as eMASS or Xacta.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).