Responsibilities

We are seeking a highly skilled and innovative Vulnerability Analyst, Journeyman to join our team in the greater DMV area, supporting the Army National Guard.

 

Responsibilities

• Execute vulnerability scans (ACAS, Forescout, Nessus, etc.), review results, and validate findings to identify weaknesses across systems, networks, cloud services, and applications.
• Confirm exploitability, classify technical risk, and correlate scan outputs with asset inventories, configuration baselines, and patch records.
• Review STIG compliance results, verify remediation evidence, update POA&Ms, and upload evidence and artifacts into eMASS and enterprise tracking tools.
• Retest remediations, validate fixes, and coordinate remediation actions with system admins, engineers, and cybersecurity teams.
• Document analysis steps, maintain case records, and prepare operational summaries, trend reports, and vulnerability dashboards to support continuous monitoring and CCRI readiness.
• Identify recurring issues and visibility gaps; recommend scanning/workflow improvements and support automation of validation where feasible.
• Support RMF compliance by producing auditquality evidence, tracking remediation progress, and contributing to metrics for leadership reporting.

#ENOCS

 

Qualifications

Qualifications

• 2 years with BS/BA; 0 years with MS/MA; 6 years with no degree
• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Bachelors degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
  • Relevant DoD/military training (examples: 531-25B40-C46; DISA (541) Training; Vulnerability Assessment Analyst (Intermediate) Playlist; E3ABR1D731D00BB); OR
  • Relevant professional certification or equivalent experience (examples: CEH(P); RCCE Level 1; CompTIA Cloud+; CPTE; FITSP-A; GCED; GCIH; GCSA; GICSP; GSEC; PenTest+; Security+).

• Required experience and skills:

  • Vulnerability assessment, scanning, or security operations experience.
  • Hands-on experience with ACAS/Nessus, Forescout/NAC, STIG validation, and eMASS or equivalent RMF evidence workflows.
  • Ability to validate exploitability, document reproducible findings, update POA&Ms, and coordinate retesting and remediation verification.
  • Proficiency with vulnerability dashboards, reporting, and basic scripting or automation to streamline validation tasks.
  • Strong documentation and communication skills for producing auditquality evidence and operational summaries.

• Desired:

  • Prior DoD/ARNG vulnerability assessment or CCRI support experience.
  • Experience integrating vulnerability management with detection engineering, patch orchestration, and threat intelligence for prioritized remediation.

#ENOCS

Target Salary Range$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individuals experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.