
Vulnerability Management & SecOps Specialist

Job in Bethesda, Montgomery County, Maryland, 20811, USA
Listing for: Dovel Technologies, Inc
Full Time position
Listed on 2026-01-24
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly
Job Description & How to Apply Below
**Job Family:** IT Cyber Security

**Travel Required:** Up to 25%

**Clearance Required:** Ability to Obtain Public Trust

**What You Will Do:**

### 1. Vulnerability Management
* Lead vulnerability management operations, ensuring alignment with BOD 22-01 and federal cybersecurity mandates.
* Manage, monitor, and report vulnerabilities across NIH/HHS systems using tools such as Tenable.sc / Tenable.io, and coordinate timely remediation activities.
* Develop vulnerability prioritization models based on risk, exposure, and asset criticality.
* Ensure compliance with patching timelines and federal vulnerability directives.
* Collaborate with infrastructure, cloud, and application teams to validate remediation actions.

### 2. Security Operations & Automation
* Enhance and maintain SecOps workflows through automation and dashboard development.
* Utilize Power BI, Python, and Power Automate (or similar tools) to automate reporting, trend analysis, and compliance tracking.
* Develop API integrations with vulnerability management tools (e.g., Tenable, Splunk, ServiceNow, or CSAM) for real-time monitoring dashboards.
* Support automation of vulnerability data ingestion and normalization across multiple environments (cloud and on-premises).

### 3. Compliance & Policy Alignment
* Ensure continuous compliance with CISA’s Binding Operational Directive (BOD) 22-01, NIST SP 800-53, and FISMA requirements.
* Work closely with Risk Management Framework (RMF) and SA&A teams to align vulnerability findings with system security plans (SSPs), POA&Ms, and ATO documentation.
* Support preparation of reports for leadership and federal oversight bodies.

### 4. Reporting & Dashboards
* Build and maintain interactive Power BI dashboards that visualize vulnerabilities, risk posture, remediation progress, and compliance trends.
* Translate technical findings into executive-level risk summaries.
* Develop KPI and SLA metrics for vulnerability closure rates, asset risk scoring, and compliance tracking.

### 5. Communication & Coordination
* Communicate complex technical information clearly to both technical and non-technical audiences.
* Collaborate with cross-functional teams (IT Operations, Cloud Engineering, Privacy, and Compliance).
* Provide status briefings and vulnerability insights to leadership.

## Deliverables
* Monthly Vulnerability & Risk Posture Reports.
* Automated Power BI dashboard connected to vulnerability management and GRC systems.
* Vulnerability Management SOPs and process documentation.
* POA&M updates tied to vulnerability findings.
* CISA BOD 22-01 compliance tracking reports.

**What You Will Need:**

* Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred.

* **Experience:** 4–6 years of cybersecurity or IT risk management experience, with at least 3 years focused on vulnerability management or SecOps.
* **Tools:** Hands-on experience with Tenable (Nessus, Tenable.sc, or Tenable.io); familiarity with other tools (BigFix, Splunk, Sentinel, CSAM) preferred.
* **Knowledge:** Deep understanding of BOD 22-01, NIST 800-53, and FISMA requirements.
* **Technical Skills:**
  - Power BI (data modeling, report building, DAX formulas)
  - Power Automate / Python / API scripting for automation
  - Windows and Linux vulnerability management
  - Cloud security concepts (AWS, Azure, or Google Cloud)
* **Certifications:** Active CompTIA Security+ CE required. Other certifications (CISSP, CEH, or cloud-related) are a plus.
* **Soft Skills:** Strong communication and analytical thinking; ability to manage multiple concurrent priorities and deadlines.
* **Onsite:** Expected 1-2 days onsite at client site (Bethesda, MD)

**What Would Be Nice To Have:**

* Experience developing automated data pipelines or integrating Tenable APIs into Power BI dashboards.
* Familiarity with ServiceNow Vulnerability Response, CSAM, or Splunk Security Essentials.
* Knowledge of MITRE ATT&CK framework and vulnerability prioritization methodologies (e.g., EPSS, CVSS v3).
* Prior experience within a federal or HHS environment.

The annual…