Edgewater Federal Solutions - Bethesda, MD
posted about 2 months ago
Full-time - Mid Level
Bethesda, MD
Professional, Scientific, and Technical Services
About the position
The Vulnerability Team Lead at Edgewater Federal Solutions will oversee the NIH Information Security's vulnerability management program, focusing on preventing unauthorized access and exploitation of vulnerabilities. This role involves leading a team, managing projects, and ensuring compliance with security standards while providing expert guidance on information security issues.
Responsibilities
- Perform Project Management activities, including assigning tasks, coaching, timesheet reconciliation, and performance evaluations.
- Lead the redesign, build, and day-to-day operations of the vulnerability management team, standardizing processes and managing customer expectations.
- Effectively manage a team of vulnerability management professionals to prevent exploitation of IT vulnerabilities.
- Assign and complete VM projects, tasks, and initiatives on time and to NIH standards.
- Maintain a schedule of all VM team projects, tasks, and initiatives.
- Track all team projects in a centralized location (e.g., Microsoft Lists, Jira).
- Provide presentations and communications on security documents across multiple teams and management levels.
- Drive actionable metrics to reduce time and resources needed for vulnerability detection and remediation.
- Manage performance of risk-based assessments of information security issues to prioritize remediation efforts.
- Delegate support for regular vulnerability, compliance/configuration, database, and web application scanning.
- Provide Subject Matter Expert support to ISSOs and System Owners through risk management and compliance monitoring.
- Apply problem-solving and critical thinking skills to evaluate solutions and implement better controls.
- Research current and emerging information security threats and disseminate information to stakeholders.
- Facilitate exception handling and waiver processing as needed.
- Gather and organize technical information about NIH's security posture and needs.
- Identify and troubleshoot problems within managed security tools.
- Maintain communication with security leadership on process optimization and VM priorities.
Requirements
- Bachelor's degree in Computer Science, Information Technology, Electrical Engineering, or related field.
- 8+ years of professional work experience, with at least 5 years in Vulnerability Management, Threat Intelligence, SOC, or Penetration Testing.
- 3+ years managing or supervising a team.
- Information Security-related certifications such as Security+, CEH, CISSP, etc.
- PMP certification.
- Expertise with enterprise Vulnerability Management platforms like Tenable, NetSparker, Nessus.
- Strong problem-solving capabilities and effective communication skills.
- Experience with security scanning tools in an enterprise environment.
Nice-to-haves
- Experience with multiple operating systems (Windows, Mac OS, Unix-based).
- Proficient in MS Office 365 suite (Word, PowerPoint, Excel).
- Thorough understanding of cyber security protocols and network security design.
Benefits
- Equal employment opportunities without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other status protected by law.
