Analyze raw vulnerability scan results and provide clear, actionable findings to system owners and stakeholders
Validate vulnerabilities, identify false positives, and confirm technical risk and exploitability
Provide practical remediation guidance aligned with system architecture and operational constraints
Track vulnerability remediation status and support risk-based prioritization
Works closely with the risk management and other teams to determine system risks based upon vulnerability results and ensure compensating and/or mitigating controls are in place
Operate and support vulnerability scanning tools across multiple platforms, including Tenable Security Center, Tenable.io, Nessus Manager, Nessus Network Monitor, NetSparker/Invicti Enterprise, CodeDX, Coverty, Black Duck, Seeker, and Guardium Database Scanner.
Develop and adhere to Standard Operating Procedures (SOP)
Comfortable with interfacing the customer, cross-functional teams and application owners on vulnerability metrics and findings
Adhere to Service Level Agreements (SLA) for service request support
Mentor and train team members & program successors
Participates in special projects, as needed
Works with Program and Project management throughout the period of performance
Supports technical problems that occur and on-call support for non-business hours
Provide Weekly and on-demand Status Reports on work performed

Requirements

4+ years of cybersecurity experience, with a strong focus on vulnerability management and security operations
3+ years Hands-on experience with enterprise vulnerability scanning tools (Tenable, Nessus, Invicti, etc.)
Strong cyber data analytics skills and experience developing dashboards and reports
Knowledge of current vulnerability trends, exploits, and threat intelligence
Experience working in a federal IT or regulated environment
Ability to manage multiple priorities and work independently with minimal supervision
Must be able to obtain a Public Trust and successfully pass a thorough government background screening process (forms/fingerprinting)

Benefits

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts
dental plan options
a vision plan
a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match
To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year
Paid leave and paid holidays are prorated based on the employee’s date of hire
The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees
other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

vulnerability managementcybersecuritydata analyticsremediation guidancerisk assessmenttechnical risk validationexploitability analysisdashboard developmentreporting

Soft Skills

communicationmentoringteam collaborationindependent workprioritizationcustomer interfacing

Certifications

Public Trust