Vulnerability Management Engineer

T-Rex Solutions is seeking a Vulnerability Management Engineer to support the U.S. Department of Education enterprise cloud program. This position is responsible for driving vulnerability remediation efforts across cloud-hosted Windows and Linux systems, including coordination, technical validation, and closure of POA&Ms. The role requires strong hands-on technical skills, the ability to diagnose complex findings, and the capability to work directly with system teams to rapidly mitigate vulnerabilities that require more than routine patching. Responsibilities include assessing vulnerability output, developing remediation plans, identifying root causes, and executing corrective actions across AWS and Azure environments.

Responsibilities:

• Interpret and analyze vulnerability results from tools such as Tenable Nessus to assess risk, identify remediation paths, and drive POA&Ms to closure.
• Utilize deep technical skills to log into affected systems and directly address complex vulnerabilities across Red Hat Enterprise Linux and Windows Server workloads.
• Coordinate closely with system owners, engineering teams, and cloud platform teams to implement mitigations with minimal turnaround time.
• Apply strong understanding of cloud security best practices across AWS and Azure environments.
• Use comprehensive knowledge of operating system internals to resolve non-standard or configuration-based vulnerabilities.
• Develop, track, and validate remediation plans for findings that require configuration changes, service adjustments, or architectural modifications.
• Monitor remediation progress, identify blockers, and ensure accurate and timely documentation in accordance with program requirements.
• Provide technical support and troubleshooting related to vulnerability remediation activities.
• Work with engineering staff to validate fixes, retest findings, and ensure vulnerabilities do not reoccur.
• Participate in continuous improvement of vulnerability management processes, reporting, and operational readiness.
• Work closely with the program's Information System Security Officer (ISSO) to coordinate vulnerability remediation activities, POA&M management, and continuous monitoring.
• Align vulnerability remediation efforts with RMF and ATO requirements in coordination with the ISSO.
• Serve as a backup to the ISSO, providing continuity of security and compliance operations as needed.
• Support preparation and updates of security documentation inputs, including POA&M updates and assessment artifacts, related to vulnerability findings.

Requirements:

• Must be a U.S. Citizen with the ability to obtain a Public Trust clearance.
• Bachelor's degree with four (4) or more years of related experience, or a Master's degree with two (2) or more years of related experience.
• Strong technical experience with Red Hat Enterprise Linux and Windows Server.
• Hands-on experience with AWS and Azure cloud environments.
• Ability to interpret Tenable Nessus scan results and translate them into actionable remediation steps.
• Experience remediating OS-level vulnerabilities, configuration weaknesses, and cloud-related findings.
• Working knowledge of TCP/IP networking fundamentals.
• Strong understanding of security hardening principles, STIGs, CIS Benchmarks, and secure configuration practices.

Desired Skills:

• CySA+, CEH, Azure Security Engineer, AWS Security Specialty, or similar certification.
• Experience with automation tools such as Terraform, Ansible, or cloud-native configuration services.

T-Rex Overview

Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing data-centric mission services to the Federal government as it increasingly tries to secure and leverage the power of data. We design, integrate, secure, and deploy advanced technical solutions for our customers so they can efficiently fulfill their critical objectives. T-Rex offers both IT and professional services to numerous Federal agencies and is a leader in providing high quality and innovative solutions in the areas of Cloud and Infrastructure Services, Cyber Security, and Big Data Engineering.

T-Rex is constantly seeking qualified people to join our growing team. We have built a broad client base through our devotion to delivering quality products and customer service, and to do that we need quality individuals. But more than that, we at T-Rex are committed to creating a culture that supports the development of every employee's personal and professional lives. T-Rex has made a commitment to maintain the status of an industry leader in compensation packages and benefits which includes competitive salaries, performance bonuses, training and educational reimbursement, Transamerica 401(k) and Cigna healthcare benefits.

T-Rex is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex (including pregnancy and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors.

In compliance with pay transparency guidelines, the annual base salary range for this position is $120,000 - $154,000. Please note that the salary information is a general guideline only. T-Rex considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer.

T-Rex offers a diverse and collaborative work environment, exciting opportunities for professional growth, and generous benefits, including: PTO available to use immediately upon joining (prorated based on start date), paid parental leave, individual and family health, vision, and dental benefits, annual budget for training, professional development and tuition reimbursement, and a 401(k) plan with company match fully vested after 60 days of employment among other benefits.