Vulnerability Management Lead, Top Secret
Position Summary The Vulnerability Management Lead oversees teams that delivers comprehensive, standardsaligned security assessments and validation services across cloud, operational technology OT, industrial control systems (ICS), and enterprise environments identifying vulnerabilities, evaluating control effectiveness, and measuring readiness to strengthen the cybersecurity posture of government and commercial information systems. The successful lead directs tailored test plans (e.g., vulnerability assessments, penetration testing, SOC evaluations, phishing exercises), ensures actionable findings, and prioritized mitigation guidance. Key Responsibilities Assessment & Security Validation LeadershipOversee teams conducting comprehensive sitebased and remote assessments supporting, vulnerability management, compliance validation, and adhoc inspection needs.Ensure detailed assessments of technical and nontechnical controls across cloud, baremetal, and OT/ICS systems are aligned to NIST frameworks, Federal guidance, and Cyber Performance Goals.Direct tailored test plans.Oversee assessments of performance using red, blue, and purpleteam methodologies.Manage automated system and webapplication scanning, phishing assessments, and development of customized plugin policies.Enforce clear operational oversight practicesweekly status reports, daily assessment updates, formal kickoffs, and structured outbriefs. Remediation Orchestration & Risk ReductionOversee endtoend management of assessment findingsadvising system owners on corrective actions and ensuring vulnerabilities are prioritized, fixed, mitigated, or appropriately riskaccepted (where/when applicable).Direct delivery of automated remediation tracking, trend analysis, and documented mitigation strategies.Ensure machinereadable assessment outputs are produced and that CISAstandard tools, techniques, and procedures.Integrate artificial intelligence/machine learning (AI/ML)enabled vulnerability discovery and enrichment tools.Leverage MLdriven risk scoring models to support prioritization of remediation actions, incorporating threat intelligence, exploitability indicators, adversary behaviors, and mission impact.Implement AIassisted analytics to evaluate remediation trends, predict control failures, and provide early warning indicators.Employ automated reasoning and natural language processing (NLP) technologies.Oversee integration of AIpowered attack simulation, redteam automation, and adversary emulation platforms.Direct the use of AIbased anomaly detection and behavior modeling.Ensure assessment and remediation workflows are compatible with AIenabled orchestration platforms, allowing realtime synchronization of findings, automated task assignment, and predictive remediation timelines.Guide adoption of MLassisted configuration baselining and drift detection capabilities that alert teams to deviations from secure architectures and federal benchmarks.Promote responsible and compliant use of AI/ML in vulnerability management. Threat Emulation & Simulation OperationsOversee teams that emulate and simulate realworld threat actors in live and synthetic environments.Ensure the creation and operation of realistic, secure, and rapidly reconfigurable emulated network environments for representative cyberrange experimentation.Direct reproduction of adversary behaviors (intelligencederived TTPs, opensource reporting, government-provided data) in test/evaluation environments to improve detection and prevention.Oversee red and blueteam exercises on emulated networks using realistic tools, malware, and tradecraft.Ensure adversary behavioral characteristics from emulation activities are collected and transformed into improved analytics, detection logic, and defensive process enhancements.Employ MLbased behavior modeling engines to create adaptive threat actors.Use AIassisted cyber range orchestration tools to configure, deploy, and reset complex emulated environments, enabling faster test cycles.Implement AI/ML analytics to evaluate telemetry captured from emulation and simulation events, identifying defensive blind spots, response gaps, and control weaknesses.Leverage machine learning to generate synthetic malware variants, exploit chains, and network behaviors that stress test signaturebased and behaviorbased detection mechanisms.Direct the use of autonomous or semiautonomous redteam augmentation tools.Incorporate AIpowered anomaly detection systems into blueteam exercises to evaluate how effectively defensive tools and analysts.Ensure adversary emulation telemetry is transformed into machinereadable threat intelligence artifacts (e.g., STIX, ATT&CKmapped behavioral profiles). Governance, Reporting & Continuous ImprovementMaintain continuous communication with system owners and stakeholders.Recommend innovative processes and technologies that modernize assessment efficiency and accuracy, enabling scalable methodologies.Drive analytic rigor by producing custom testing artifacts and enhancing tooling/processes used across engagements.Implement AIenabled reporting workflows that automatically transform machinereadable assessment data into tailored dashboards, executive summaries, and auditready artifacts aligned with federal and CISA reporting standards.Employ natural language processing (NLP) tools to analyze assessment narratives, finding trends, common control failures, and opportunities for standardization or process optimization.Suggest the integration of AIassisted governance tools that predict remediation timelines, estimate risk reduction outcomes, and support decisionmaking for prioritizing enterpriselevel mitigation actions.Use machine learning to continuously evaluate the effectiveness of assessment methodologies and control validation processes, recommending evidencebased improvements to increase precision and reduce manual effort.Propose the adoption of generative AI tools to prototype new testing artifacts, emulate threat conditions, and accelerate the development of reusable templates that enhance efficiency across teams.Ensure responsible, transparent, and auditable use of AI/ML technologies within governance and reporting workflows, aligned with federal AI risk management practices and agencyspecific policies. Required QualificationsExperience overseeing vulnerability management programs and security assessments (cloud, enterprise, OT) for largescale federal environments, including penetration testing and SOC evaluation.Demonstrated ability to manage remediation workflows, automated tracking, and risk acceptance processes aligned to federal frameworks (e.g., FISMA, NIST) and CISA standards.Familiarity with red/blue/purpleteam practices, phishing assessment design, and PoC exploit development to validate controls and detection logic.Strong communication and reporting skills (status reports, kickoffs, outbriefs) with a focus on measurable mission impact.10 years of overall cybersecurity experience with 5 years of management of cybersecurity teamsExperience integrating AI/MLenabled tools into vulnerability discovery, risk scoring, and remediation workflows, including automated analysis pipelines and machinereadable assessment outputs.Demonstrated ability to evaluate and operationalize AIassisted threat emulation, automated adversary simulation systems, or modeldriven redteam augmentation capabilities.Familiarity with AI/ML analytics used for detection logic improvement, control effectiveness measurement, and identification of systemic weaknesses across largescale enterprise or cloud environments.Handson experience using or overseeing AIpowered reporting and governance workflows, such as automated dashboarding, NLPbased narrative generation, or predictive remediation analytics.Knowledge of federal AI governance and risk management principles (e.g., NIST AI RMF, agencyspecific AI policies) and the ability to ensure responsible, auditable, and compliant use of AI within cybersecurity operations.Practical understanding of MLdriven behavioral analysis, anomaly detection, and adversary behavior modeling tools employed in SOC evaluation, emulation exercises, or continuous monitoring programs.Experience managing teams that utilize cyber range automation platforms or AIenabled orchestration tools to configure, deploy, and validate secure test environments rapidly and consistently.Ability to assess and validate output from AI/ML systems. Desired QualificationsExperience with threat emulation/simulation environments and cyberrange operations that replicate adversary target spaces.Background turning adversary behavior insights into analytics and detection logic enhancements.Relevant certifications (e.g., CISSP, OSCP, GPEN, GICSP) and familiarity with CISA Cyber Performance Goals and NIST control baselines. GDIT IS YOUR PLACE401K: With company match.Health & Wellness: Comprehensive health and wellness packages.Career Growth: Internal mobility team dedicated to helping you own your career.Professional Development: Growth opportunities including paid education and certifications.Innovative Tech: Access to cutting-edge technology to stay ahead of the mission.Work-Life Balance: Rest and recharge with paid vacation and holidays.
|
