Risk-Based Asset Management Lead
Skyward
Risk-Based Asset Management Lead leading vulnerability and configuration management at Skyward. Collaborating on high-impact risk remediation and database management practices.
Posted 5/19/2026 • full-time • Maryland • Maryland • 🇺🇸 United States • Senior • 💰 $150,000 - $180,000 per year
Tech Stack
Tools & technologies: AWS, Azure, Cloud, Cyber Security, DynamoDB, Linux, MongoDB, MySQL, NoSQL, Oracle, Postgres, Python, ServiceNow, Splunk, SQL
About the role
Key responsibilities & impact
- Lead the integrated RBAM practice across Vulnerability Management, Configuration Management, and Database Management, aligning effort with USCIS business priorities and risk tolerance.
- Oversee RBAM projects end-to-end: track schedules, facilitate working sessions, and brief leadership and the Government PM/COR on status, risks, and decisions.
- Run the vulnerability scanning program using approved tooling. Initiate scans, analyze results, prioritize remediation by impact and likelihood, and ensure adherence to DHS policies and federal regulations.
- Continuously monitor emerging threats (CVE, NVD, CISA KEV) and translate them into a prioritized, defensible remediation backlog.
- Validate and act on the DHS/CISA Cyber Hygiene Report. Partner with system owners and admins on remediation plans, track progress, and report to leadership.
- Support the USCIS software approval process — evaluate new products and technologies for security, compliance, and operational fit.
- Establish, document, and enforce configuration management policies, procedures, and baselines across diverse IT environments — with full traceability for changes (documented, tracked, approved, audited).
- Use configuration management tooling to monitor and report on system configurations and compliance, identify drift, and resolve configuration-related risks.
- Develop and maintain database hardening scripts and processes; translate audit requirements into actionable configurations and evidence artifacts.
- Build and refine Splunk dashboards and reporting (and ServiceNow workflows/tickets) so VM/CM posture is visible at a glance — not buried in a spreadsheet.
- Author and maintain SOPs and Playbooks for RBAM operations; contribute to the Risk Register, Weekly Status Report, and Monthly Program Management Review.
Requirements
What you’ll need
- Bachelor’s degree in Information Systems / Information Technology, Computer Science, Computer Engineering, Electrical Engineering, related field, or technical degree — or 4 years of relevant experience in lieu of a degree.
- An active CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable cybersecurity certification.
- An active Agile certification: PMI-ACP, SAFe Agilist, CSM, or comparable.
- Minimum 7 years of total professional experience, with at least 5 years of technical experience in either: (a) overseeing and managing vulnerability remediation for enterprise environments, or (b) establishing, managing, and enforcing configuration baselines across diverse IT environments — ideally both.
- In-depth, working knowledge of CVE, CVSS, NVD, and the CISA KEV catalog. You can prioritize like a pro and explain the prioritization to a non-technical audience.
- Deep understanding of Configuration Management principles as defined in NIST SP 800-128.
- Strong, hands-on knowledge of system and database hardening best practices using DISA STIGs and CIS Benchmarks.
- Familiarity with remediation across Windows, Linux, network devices, containerized environments, and cloud platforms (AWS, Azure, Google).
- Hands-on experience implementing and operating SIEM tools — specifically Splunk dashboarding and reporting (creating and modifying dashboards, not just consuming them).
- Experience with enterprise ticketing in ServiceNow, including building/altering workflows and reports.
- Proficiency in scripting and automation: Python, PowerShell, Bash, and Splunk Search Processing Language.
- Familiarity with DevSecOps and CI/CD pipeline development — enough to embed security baselines into pipelines and image-hardening processes.
- Ability to incorporate security configuration baselines into CM processes and enforce through OS image hardening, automation, and audit.
- Extensive hands-on experience with a wide range of database technologies, including Relational (Oracle, PostgreSQL, MySQL, MS SQL), NoSQL (MongoDB), and Cloud-native (Amazon RDS, Azure SQL, DynamoDB).
- Ability to assess and secure both on-premises and cloud-hosted database environments.
- Experience implementing and managing audit logging, data masking, and encryption mechanisms.
- Experience using scanning tools to verify database hardening compliance and translate audit requirements into actionable configurations and evidence.
- Strong written communication for SOPs, playbooks, technical decision memos, and executive-readable risk briefings.
- Ability to obtain and maintain a DHS Public Trust suitability determination.
Benefits
Comp & perks
- Medical, dental, vision insurance (fully paid for employees)
- 15 days of paid leave
- 7 days of sick leave
- 2 days bereavement leave
- 11 paid Federal holidays
- Up to 40 hours for jury duty
- 401K with 4% employer contribution (and no vesting period)
- Up to 4 weeks of paid paternity and maternity leave
- Company provided laptop
- $5,000 per year for professional development
- $600 per year for technical supplies and equipment
- $2,000 referral bonus
- Life and disability insurance
- HSA and FSA
- Legal Shield and ID Shield Voluntary Benefits
- Opportunity to work in a collaborative, motivated team focused on modernizing government services with cutting-edge technology and innovative solutions.