Vulnerability Manager #4656


  • US-Remote Employee Location
  • Information Technology
Apply Now

Company Overview

GovCIO is a team of transformers–people who are passionate about transforming government I.T. We believe in making a difference by developing digital strategies and delivering the technology-related innovation that improves governmental operations each day.

But we can’t do it alone. We welcome and nurture an inclusive and diversified work culture. Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators. We’re changing the face of I.T. – from our diverse staff to the end-products we develop. And we’re excited to expand our team. Are you ready to be a transformer?


We are seeking an experienced Vulnerability Manager who has experience with vulnerability management across a large Enterprise with many locations and multiple networks. The Vulnerability Manager (VMgr) will be responsible for working with large technical teams to scope, schedule, and remediate any vulnerabilities identified. The VMgr will also be responsible for working with the cyber security policy teams to ensure updated and accurate vulnerability information is being logged and reported



  • Take the lead on reviewing vulnerabilities’ data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies to determine remediation path and schedule.
  • Actively partner with technology and tools teams to review vulnerabilities, plan remediation, monitor plan, schedule rescan, and report.
  • Provides analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving road blocks.
  • Develop vulnerability dashboards requirements that provide technical teams and program/Government leadership key data.
  • Track and report status of vulnerabilities and their remediation on at least a weekly basis.
  • Develop and manage program vulnerability management standard operating procedures and processes that meet the Government’s vulnerability policies.
  • Assist in ensuring scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
  • Assist technical teams with the identification of baselines that will be subsequently scanned for compliance.
  • Assist technical and security teams in the development of POA&M’s as needed for vulnerabilities that have/will miss criticality timeframe targets.
  • Technically proficient in a multitude of areas including but not limited too: Linux, Windows workstations and servers, Microsoft SQL, VMware, Cisco network infrastructure.
  • Assist in improving and automating the existing vulnerability management lifecycle. Including but not limited, data ingestion & normalization, compliance metrics and detections on assets, composing reports and conducting briefings on the current posture of the Enterprise.
  • Stay current with vulnerability information across all of the technologies within the Enterprise.
  • Assist in working with the Business to effectively communicate the risks of identified vulnerabilities and provide input to recommendations regarding the selection of cost-effective security controls to mitigate identified risks.
  • Schedule and/or perform reoccurring and on demand vulnerability and compliance scanning activities of both on-premise and cloud environments utilizing enterprise platforms.
  • Assist in interfacing with third-party vendors and other groups within the Enterprise to improve the overall security posture.
  • Continuously investigate ways to improve the security posture within the Enterprise as it relates to vulnerability management.


Minimum Qualifications

  • Bachelor’s with 8+ years (or commensurate experience)
  • 5 years of related experience within professional services, vulnerability management, and compliance monitoring.
  • Previous experience working in classified environments.
  • Demonstrated experience leading cybersecurity vulnerability management to include: analysis, recommendation and assistance with remediation.
  • Strong working knowledge of the Qualys scanning tool.
  • Technical understanding of a variety of technical concepts with focus on cloud computing, automation, networking, systems administration (Windows and Linux), application development, and information security best practices.
  • Experience in IT controls monitoring for regulatory and compliance requirements such as DISA STIGs and CIS.

Position can be 100% remote, however, candidates living in the DC Metropolitan area, is highly preferred



  • Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent  

Professional Certifications

  • IT Security Certifications such as Certified Vulnerability Assessor (CVA), Certified Ethical Hacker (CEH), CIPP (Certified Information Privacy Professional), CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information System Auditor), CISSP (Certified Information Security Professional) or CISM (Certified Information Systems Manager) is a plus.

COVID Policy: New employees will be required to adhere to the Company’s and its clients’ COVID-19 safety procedures. In the event that the COVID-19 vaccination mandate for Federal Contractors is enforced, you must become fully vaccinated or request and be approved for an exemption. Employees working onsite at a client location must comply with our client’s COVID-19 requirements.

GovCIO is a team of professionals who want to make a difference. And that can only happen with a diverse, happy, and cared-for team. So, we prioritize your well-being, equity for all and look for ways to make work a better place for each of us every day.

We are an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, ethnicity, religious affiliation, gender, gender identity or expression, sexual orientation, national origin, or disability status. EOE AA M/ F/Vet/Disabled

Compensation Range (In compliance with Colorado's Equal Pay for Equal Work Act for remote or positions located in CO)


Apply Now

Not The Right Fit?

Is this not the job you’re looking for? That’s ok! We’ve got plenty of other opportunities for you to peruse. Search all of our open positions by your area of interest or location.

View All Jobs