Risk-Based Asset Manager
True Zero Technologies, LLC
full-time
Posted on:
Location Type: Remote
Location: District of Columbia • Maryland • United States
Visit company websiteExplore more
About the role
- Oversee RBAM projects, schedules, milestones, and team execution
- Facilitate meetings and brief leadership on status, risks, priorities, and progress
- Direct and support enterprise vulnerability scanning, analysis, remediation prioritization, and reporting
- Guide the development and enforcement of secure configuration baselines across systems and platforms
- Coordinate database hardening, patching, scanning, and compliance activities with stakeholders
- Review cyber hygiene findings and translate results into actionable remediation plans
- Support evaluation of new technologies and products through security review and software approval processes
- Develop or enhance dashboards, reporting, and metrics to improve visibility into risk and remediation progress
- Support process improvement, automation, and operational maturity efforts across the RBAM function
- Ensure work products, reporting, and technical activities align with DHS, client, and federal cybersecurity expectations
- Lead and coordinate vulnerability management, configuration management, and database hardening activities
Requirements
- Bachelor’s degree in Information Technology, Information Systems, Computer Science, Computer Engineering, Electrical Engineering, or related technical field; or equivalent additional experience
- 7+ years of total professional experience
- 5+ years of technical experience in vulnerability management, configuration management, database hardening, or related security operations
- Experience leading technical teams or workstreams in dynamic environments
- Strong experience managing vulnerability remediation efforts across enterprise environments
- Experience using vulnerability scanning tools such as Tenable/Nessus
- Strong experience establishing, maintaining, and enforcing configuration baselines
- Familiarity with remediation practices across Windows, Linux, network devices, containers, and cloud platforms
- Strong knowledge of CVE, CVSS, NVD, and the CISA KEV catalog
- Strong knowledge of configuration management principles and secure baseline enforcement
- Familiarity with DISA STIGs, CIS Benchmarks, and secure hardening practices
- Experience with enterprise dashboards, reporting, and ticketing workflows
- Experience with scripting and automation using tools such as Python, PowerShell, Bash, or similar
- Experience with a wide range of database technologies including:
- Relational databases: Oracle, PostgreSQL, MySQL, MS SQL
- NoSQL Databases: MongoDB
- Cloud-native databases: AmazonRDS, Azure SQL, DynamoDB
- Familiarity with DevSecOps and CI/CD pipeline concepts
- Ability to assess and secure on-premises and cloud-hosted database environments
- Experience with audit logging, encryption, masking, and technical evidence generation for compliance needs
- Strong written and verbal communication skills
- One active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable
- One active Agile certification such as PMI-ACP, SAFe Agilist, CSM, or comparable
Benefits
- Competitive salary, paid twice per month
- Best in class medical coverage
- 100% of medical premiums covered by True Zero
- Company wide new business incentive programs
- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
- 3 weeks of PTO starting + 11 Paid Holidays Annually
- 401k Program with 100% company match on the first 4%
- Monthly reimbursement of Cell Phone and Home Internet costs
- Paternity/Maternity Leave
- Investment in training and certifications to broaden and deepen your technical skills
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
vulnerability managementconfiguration managementdatabase hardeningvulnerability scanningscriptingautomationreportingdashboard developmentCVECIS Benchmarks
Soft Skills
leadershipcommunicationteam coordinationprocess improvementrisk assessmentproblem-solvinginterpersonal skillsorganizational skillstechnical writingcollaboration
Certifications
CASPGSECGSLCCISSPCEHCISMCISAPMI-ACPSAFe AgilistCSM