The Defense and Intelligence Group of Leidos has an opening for a Vulnerability Management SME (Subject Matter Expert) at Joint Base Andrews, Maryland.
Vulnerability Management SME supports the AFNCR IT Services program and will perform as a Cyber Security Engineer, working directly with the Government Information System Security Officer (ISSO), Information System Security Manager (ISSM), and operational service delivery teams to implement a "Cyber Ready 365" posture. The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas are: IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment. The Vulnerability Manager is a participant in the Cyberspace-focused boards, bureaus, centers, cells, and working groups (e.g., cyberspace resiliency working group). The Vulnerability Manager shall maintain communications and coordination between internal and external service providers in order to maintain situational awareness over the enterprise.
- Prepare and provide weekly cybersecurity vulnerability status snapshots and trend analysis. Consolidate ongoing operational activities in a daily status briefing including cause, fix, impact, and prevention recommendations.
- Coordinate, schedule, log, and report enterprise and local vulnerability mitigation efforts to ensure minimum 95% compliance and reporting in accordance with required timelines.
- Devise, originate, track, and complete all Plan of Action and Milestones (POA&Ms) to support vulnerability mitigation efforts.
- Support the system administration team with SOP's and troubleshooting systems not able to be patched through automated tools.
- Upon notification from the Cybersecurity office, report vulnerabilities and mitigations to the appropriate teams. Track, compile, assess, and report on these vulnerabilities, unauthorized activities, and security incidents.
- Coordinate with the Cybersecurity office on the results of vulnerability scans and assessments.
- Bachelor's degree plus 8 years of experience, additional years of IT experience accepted in lieu of a degree.
- Possess current IAM Level 3 certification (e.g., CISM, CISSP, GSLC).
- Currently possess a DoD Secret security clearance or higher.
- Familiarity with Government and DoD IT and security policies and requirements.
- Experience working in a military environment, particularly in a Command Center.