
Senior Vulnerability Management Engineer – Active Secret Clearance
Posted 2 days ago

Posted 2 days ago
This is a fully remote position, open to applicants in United States.
• Oversee and enhance the complete Tenable platform, which includes:
• - Tenable.sc
• - Tenable Vulnerability Management (previously Tenable.io)
• - Nessus
• - Nessus Agents
• Conduct both authenticated and unauthenticated vulnerability assessments across Windows, Linux, network, and cloud settings.
• Evaluate vulnerability data, confirm findings, filter out false positives, and prioritize remediation efforts based on risk levels.
• Facilitate remediation processes in collaboration with infrastructure, networking, and application teams until resolution.
• Oversee scan schedules, repositories, credentials, scan zones, and agent installations.
• Diagnose scanning problems, credential failures, performance issues, and overall platform health.
• Create executive dashboards, compliance documentation, and security metrics.
• Assist with RMF continuous monitoring, POA&M management, and audit-related tasks.
• Integrate Tenable with ServiceNow, SIEM, asset management, and automation tools.
• Develop automation solutions using PowerShell, Python, Bash, and Tenable APIs.
• Suggest enhancements for system hardening and security best practices.
• Offer technical guidance to junior engineers and vulnerability analysts.
• Aid in security investigations and incident response efforts that necessitate vulnerability analysis.
• Over 7 years of experience in cybersecurity engineering, vulnerability management, or systems engineering.
• Background in supporting Federal Government or DoD environments (5+ years preferred).
• Active Secret Clearance (TS/SCI preferred).
• Extensive experience managing:
• - Tenable.sc
• - Tenable Vulnerability Management
• - Nessus
• - Nessus Agents
• Strong comprehension of the vulnerability management lifecycle and remediation procedures.
• Familiarity with:
• - CVSS scoring
• - Known Exploited Vulnerabilities (KEV)
• - Patch management
• - STIG compliance scanning
• - False-positive validation
• Proficient knowledge of:
• - Windows Server
• - Linux (RHEL, CentOS, Ubuntu)
• - VMware vSphere
• - AWS and/or Azure
• - Enterprise networking (TCP/IP, DNS, VLANs, routing, switching)
• Compliance experience supporting one or more of the following:
• - NIST SP 800-53
• - Risk Management Framework (RMF)
• - DISA STIGs and SRGs
• - CMMC
• - CIS Benchmarks
• - DoD 8570 / 8140 requirements
• Preferred Skills:
• - Proficiency in PowerShell, Python, or Bash scripting
• - Tenable API development and automation
• - Integration with ServiceNow or Jira
• - Experience with SIEM and SOAR platforms
• - Executive reporting and security metrics
• - Experience in enhancing vulnerability remediation processes and reducing MTTR
• Comprehensive health and wellness benefits.
• Opportunities for professional development and continuous learning.
• Flexible work environment.
• Competitive salary and performance-based incentives.
Liberty Dental Plan
Capital One
Freenome
Get handpicked remote jobs straight to your inbox weekly.