← Back to Jobs
Other
Senior Vulnerability Management Specialist
STAFFXPERT LLCUnited States🇺🇸United StatesPosted 15 Jul 2026
Quick Overview
Work Type
Hybrid
Level
Mid Senior
Job Description
Senior Vulnerability Management Specialist
Location: Remote
Job Summary
STAFFXPERT LLC is seeking a Senior Vulnerability Management Specialist on behalf of our client in a Remote location. This position is ideal for an experienced cybersecurity professional with a strong background in enterprise vulnerability management, federal cybersecurity frameworks, cloud security, and governance, risk, and compliance (GRC). The successful candidate will play a key role in strengthening the organization''s security posture by leading vulnerability assessments, driving remediation efforts, supporting compliance initiatives, and collaborating with cross-functional stakeholders to ensure continuous improvement of enterprise security programs.
Key Responsibilities
Preferred Qualifications
Location: Remote
Job Summary
STAFFXPERT LLC is seeking a Senior Vulnerability Management Specialist on behalf of our client in a Remote location. This position is ideal for an experienced cybersecurity professional with a strong background in enterprise vulnerability management, federal cybersecurity frameworks, cloud security, and governance, risk, and compliance (GRC). The successful candidate will play a key role in strengthening the organization''s security posture by leading vulnerability assessments, driving remediation efforts, supporting compliance initiatives, and collaborating with cross-functional stakeholders to ensure continuous improvement of enterprise security programs.
Key Responsibilities
- Lead and manage enterprise vulnerability management activities in accordance with industry and federal cybersecurity standards.
- Conduct vulnerability assessments across on-premises systems, cloud environments, containerized workloads, and Infrastructure-as-Code (IaC) deployments.
- Track security findings through remediation, validation, and closure while maintaining accurate documentation.
- Develop and manage Plans of Action and Milestones (POA&Ms) using CSAM or comparable Governance, Risk, and Compliance (GRC) platforms.
- Integrate vulnerability data with SIEM and IT service management platforms to streamline remediation workflows.
- Assess CI/CD pipeline security and implement policy-as-code practices to identify vulnerabilities early in the software development lifecycle.
- Apply NIST Risk Management Framework (RMF) and security controls to support risk assessments, compliance initiatives, and continuous monitoring.
- Support internal and external security audits by preparing documentation, evidence, and remediation plans.
- Develop and maintain security documentation, including standard operating procedures, implementation guides, playbooks, policies, and risk reports.
- Present technical findings and risk recommendations to both technical teams and executive leadership.
- Collaborate with cross-functional teams to ensure timely resolution of identified security risks.
- Bachelor''s degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related technical discipline.
- 6+ years of experience in cybersecurity, vulnerability management, information security, or a related field.
- Strong experience with enterprise vulnerability management programs and security assessment processes.
- Hands-on experience performing vulnerability assessments across cloud, containerized, and traditional infrastructure environments.
- Experience managing remediation efforts and POA&Ms using CSAM or comparable GRC platforms.
- Working knowledge of NIST Risk Management Framework (RMF), NIST SP 800-53 Security Controls, and Information Security Continuous Monitoring practices.
- Experience supporting compliance initiatives and security audits.
- Familiarity with CI/CD security, Infrastructure-as-Code (IaC), and policy-as-code implementations.
- Experience integrating vulnerability management tools with SIEM and IT service management platforms such as ServiceNow.
- Strong analytical, organizational, and problem-solving skills.
- Excellent written and verbal communication skills with the ability to communicate effectively with both technical and business stakeholders.
Preferred Qualifications
- Experience with vulnerability management and security tools such as Tenable Nessus, Splunk, and Governance, Risk & Compliance (GRC) platforms.
- Familiarity with OWASP security principles and cloud-native security practices.
- Experience using Microsoft Power BI, Microsoft Teams, and SharePoint.
- Knowledge of Agile project management methodologies.
- Professional cybersecurity certifications such as Certified Information Security Manager (CISM), CompTIA Security+, or other relevant industry certifications.
Skills
OWASP
Splunk
Agile
Compliance
Continuous Improvement
Power BI
Risk Management
ServiceNow
Similar jobs
Retail Reset Merchandiser
SAS Retail Services · Worcester, United States
46 minutes ago$17/hrDeployment Strategist - US Government
Palantir · United States
54 minutes agoPart-Time IT Help Desk Technician (On-Site) - MSP Environment
NorCal Tech Solutions, Inc. · Sacramento, United States
54 minutes agoEnterprise Data & Analytics Architect
Ledgent Technology · San Diego, United States
55 minutes ago$130k - $150k/yrProject Coordinator I - AI Use Case Support
Ledgent Technology · United States
1 hour ago$28 - $31/hrEarth Systems Scientist
SAIC · Greenbelt, United States
1 hour ago$120.0k - $160k/yr