Remotery

Senior Vulnerability Management Engineer – Active Secret Clearance

Posted 2 days ago

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee and enhance the complete Tenable platform, which includes:

• - Tenable.sc

• - Tenable Vulnerability Management (previously Tenable.io)

• - Nessus

• - Nessus Agents

• Conduct both authenticated and unauthenticated vulnerability assessments across Windows, Linux, network, and cloud settings.

• Evaluate vulnerability data, confirm findings, filter out false positives, and prioritize remediation efforts based on risk levels.

• Facilitate remediation processes in collaboration with infrastructure, networking, and application teams until resolution.

• Oversee scan schedules, repositories, credentials, scan zones, and agent installations.

• Diagnose scanning problems, credential failures, performance issues, and overall platform health.

• Create executive dashboards, compliance documentation, and security metrics.

• Assist with RMF continuous monitoring, POA&M management, and audit-related tasks.

• Integrate Tenable with ServiceNow, SIEM, asset management, and automation tools.

• Develop automation solutions using PowerShell, Python, Bash, and Tenable APIs.

• Suggest enhancements for system hardening and security best practices.

• Offer technical guidance to junior engineers and vulnerability analysts.

• Aid in security investigations and incident response efforts that necessitate vulnerability analysis.


⛳️ Requirements

• Over 7 years of experience in cybersecurity engineering, vulnerability management, or systems engineering.

• Background in supporting Federal Government or DoD environments (5+ years preferred).

• Active Secret Clearance (TS/SCI preferred).

• Extensive experience managing:

• - Tenable.sc

• - Tenable Vulnerability Management

• - Nessus

• - Nessus Agents

• Strong comprehension of the vulnerability management lifecycle and remediation procedures.

• Familiarity with:

• - CVSS scoring

• - Known Exploited Vulnerabilities (KEV)

• - Patch management

• - STIG compliance scanning

• - False-positive validation

• Proficient knowledge of:

• - Windows Server

• - Linux (RHEL, CentOS, Ubuntu)

• - VMware vSphere

• - AWS and/or Azure

• - Enterprise networking (TCP/IP, DNS, VLANs, routing, switching)

• Compliance experience supporting one or more of the following:

• - NIST SP 800-53

• - Risk Management Framework (RMF)

• - DISA STIGs and SRGs

• - CMMC

• - CIS Benchmarks

• - DoD 8570 / 8140 requirements

• Preferred Skills:

• - Proficiency in PowerShell, Python, or Bash scripting

• - Tenable API development and automation

• - Integration with ServiceNow or Jira

• - Experience with SIEM and SOAR platforms

• - Executive reporting and security metrics

• - Experience in enhancing vulnerability remediation processes and reducing MTTR


🏝️ Benefits

• Comprehensive health and wellness benefits.

• Opportunities for professional development and continuous learning.

• Flexible work environment.

• Competitive salary and performance-based incentives.

People also viewed

BJAK18 hours ago

Full Stack Engineer

HK flagHong Kong OnlyFull-timeFull-stack Engineer
ApplyView job
Liberty Dental Plan1 day ago

Lead Software Engineer

US flagOklahoma OnlyFull-timeFull-stack Engineer$135k – $145k/year
ApplyView job
Capital One1 day ago

Senior Lead Software Engineer, Full Stack - Shopping

US flagVirginia OnlyFull-timeFull-stack Engineer$209k – $238.5k/year
ApplyView job
Freenome1 day ago

Senior Software Engineer

US flagUnited States OnlyFull-timeFull-stack Engineer$161.9k – $227.3k/year
ApplyView job
Akvelon, Inc.2 days ago

Mid-Senior Full-Stack SDE

AM flagArmenia OnlyFreelanceFull-stack Engineer
ApplyView job
GFN2 days ago

Instructor/Trainer – Linux

DE flagGermany OnlyFull-timeFull-stack Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers