ECS

Vulnerability Management Lead

ECS$115K — $135K *
US-AnywhereRemote in Virginia, US
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6+ years of cybersecurity experience with a focus on vulnerability management.
  • Active Public Trust 6c clearance or ability to obtain one.
  • Hands-on experience with Tenable and AquaSec within a federal environment.
  • Strong understanding of NIST compliance frameworks, including RMF and SP 800-53.
  • Proven ability to clearly communicate complex findings to both technical and executive teams.

Responsibilities

  • Oversee vulnerability scanning and remediation tracking for the program.
  • Coordinate with cross-functional teams to identify and remedy security gaps efficiently.
  • Lead ATO and continuous monitoring activities to maintain compliance.
  • Develop real-time dashboards for visibility on vulnerability management progress.
  • Generate compliance reports to support audit readiness and cybersecurity decisions.
  • Manage integration of vulnerability management tools into enterprise workflows.
  • Collaborate with SOC and threat-hunting teams to enhance security posture.

Benefits

  • Remote work opportunity with proximity to the National Capital Region.
  • Work on a flagship initiative with direct impact on national cybersecurity.
  • Exposure to advanced automation and modern cybersecurity practices.
  • Collaboration with a diverse team of cybersecurity professionals.
  • Chance to influence and enhance the cybersecurity strategy for a major federal agency.
Full Job Description
Everforth ECS is seeking a Remote Vulnerability Management Lead who lives in close proximity to the National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.

Please Note: This position is contingent upon contract award.

Salary Range: $115,000 - $135,000

This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a key leader on this program, you will drive the protection of highly sensitive, national-level financial and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.

As the Vulnerability Management Lead, you will serve as the principal technical authority for enterprise vulnerability identification, prioritization, and remediation across a large-scale federal civilian environment. Working closely with Information System Security Officers (ISSOs), Information System Owners (ISOs), compliance teams, and engineering personnel. You will drive a proactive, risk-based approach to vulnerability management, delivering measurable reductions in the agency's attack surface while ensuring continuous alignment with federal compliance requirements.

Position Responsibilities:
  • Oversee enterprise vulnerability scanning operations, remediation tracking, and stakeholder communication with POA&M support across the program.
  • Coordinate with ISOs, ISSOs, compliance, and engineering teams to identify, prioritize, and close security gaps in a timely and risk-informed manner.
  • Leads ATO, POA&M and continuous monitoring activities.
  • Develop and maintain dashboards and metrics to provide real-time visibility into vulnerability management posture, trends, and remediation progress.
  • Produce compliance reports and vulnerability governance data to support continuous monitoring, audit readiness, and cybersecurity decision-making.
  • Manage integration of vulnerability management tools including Tenable, AquaSec, and the Continuous Diagnostics and Mitigation (CDM) program into enterprise workflows.
  • Apply risk-based prioritization methodologies to ensure the most critical vulnerabilities are addressed in alignment with agency risk tolerance and compliance requirements.
  • Support the review and maintenance of Plans of Action & Milestones (POA&Ms), ensuring timely and accurate tracking of identified vulnerabilities and remediation activities.
  • Collaborate with SOC, threat hunting, and security engineering teams to correlate vulnerability data with active threat intelligence and hunting findings.
  • Present vulnerability management findings, risk recommendations, and program metrics to both technical teams and senior government officials in a clear, actionable format.
  • Develop and refine vulnerability management policies, procedures, and standard operating procedures to ensure alignment with federal regulations and agency requirements.

Support continuous monitoring activities and provide input into the overall security posture of the agency's federal IT enterprise.

  • US. Citizenship required.
  • 6+ years of cybersecurity experience, with demonstrated expertise in vulnerability management, operating systems, and networking.
  • Remote but within close proximity to the NCR.
  • Active Public Trust 6c clearance, or the ability to obtain and maintain one.
  • At least one of the following certifications: GCIH, CISSP, CISM, or CRISC.
  • Hands-on experience with Tenable, AquaSec, and CDM integration in a federal or enterprise environment.
  • Strong understanding of federal compliance frameworks including NIST RMF, NIST SP 800-53, FISMA, and FedRAMP requirements.
  • Experience developing and maintaining POA&Ms and supporting remediation tracking within federal information system environments.
  • Demonstrated ability to coordinate cross-functional teams, including ISOs, ISSOs, compliance, and engineering stakeholders, to drive vulnerability remediation efforts.
  • Proven ability to translate complex technical vulnerability findings into clear, actionable language for both technical and executive audiences.
  • Strong written and verbal communication skills, with a track record of producing high-quality federal security documentation.

About ECS

ECS is a leading provider of digital solutions and services to the federal government. The company was founded in 2001 by Roy Kapani and has since grown to become a trusted partner to a wide range of government agencies. ECS offers a broad range of services, including cloud computing, cybersecurity, and artificial intelligence. The company has been recognized for its innovative solutions and has won numerous awards, including the AWS Public Sector Partner of the Year award.
Learn more about ECS
Size
2,000 employees
Industry

Similar Jobs

More Jobs at ECS

  • ECS
    Vulnerability Management Lead
    $115K — $135K *
    Remote
    Information Technology
    Remote in Virginia, US
  • ECS
    IT Team Lead
    $90K — $100K *
    Remote
    Information Technology
    Remote in Virginia, US
  • ECS
    Field Service Representative
    $125K — $150K *
    March Air Reserve Base, CA 92518 (Riverside County)
    Education, Government & Non-Profit
    In-Person
  • ECS
    Field Service Representative
    $125K — $150K *
    San Diego, CA 92154 (San Diego County)
    Education, Government & Non-Profit
    In-Person
  • ECS
    Project Manager
    $90K — $130K *
    Fairfax, VA 22030 (Fairfax City County)
    Education, Government & Non-Profit
    In-Person

More Information Technology Jobs

Find similar Vulnerability Management Lead jobs: