Job Requirements
Fairfax, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description
Everforth ECS is seeking an Enterprise Vulnerability Management Lead SME to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax .
Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
The Enterprise Vulnerability Management Lead SME serves as the principal authority for vulnerability lifecycle management across WDP's classified and unclassified enterprise environments, directing end-to-end remediation coordination, POA&M governance, and risk acceptance activities that sustain continuous authorization posture across NIPRNet, SIPRNet, and JWICS . This is a senior subject matter expert role demanding deep expertise in enterprise vulnerability operations, DoW Risk Management Framework execution, and Authorizing Official-level reporting, with direct responsibility for protecting mission-critical AI and data platform capabilities supporting warfighter decision-making at the highest levels of DoW leadership.
• Leads coordinated vulnerability management operations supporting Department of War mission systems across unclassified and classified networks.
• Directs enterprise vulnerability lifecycle activities including scan result validation, risk triage, remediation coordination, and continuous tracking of findings affecting operating systems, applications, databases, and network devices.
• Analyzes vulnerability data generated by ACAS, endpoint security platforms, and cloud security tooling to distinguish true risk conditions from false positives and environmental artifacts.
• Develops prioritized remediation strategies aligned to mission impact, threat severity, and authorization timelines while coordinating corrective actions with system owners, platform engineers, and cybersecurity teams.
• Maintains authoritative vulnerability records and remediation status within POA&M repositories, continuous monitoring dashboards, and authorization artifacts supporting Risk Management Framework execution.
• Supports deviation requests and risk acceptance actions through defensible technical analysis and documented mitigation strategies.
• Produces vulnerability trend reports, remediation performance metrics, and executive summaries for cybersecurity leadership and Authorizing Officials using ServiceNow, SharePoint, and reporting platforms.
• Guides junior analysts through standardized workflows for scan validation, POA&M updates, and stakeholder coordination while maintaining consistency and data integrity.
• Enables sustained authorization posture, reduced exposure windows, and improved cyber hygiene across enterprise environments while reinforcing program values of accountability, operational readiness, transparency, and disciplined risk management.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance.
• 12+ years of experience in enterprise vulnerability management, cybersecurity operations, or a closely related discipline, with demonstrated senior subject matter expert-level ownership of vulnerability lifecycle operations across complex federal, DoW, or enterprise classified network and cloud environments.
• IAM Level I certification from an approved credential, including CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Demonstrated hands-on expertise directing enterprise-scale vulnerability management programs using ACAS or Nessus, with applied experience managing POA&M portfolios, producing Authorizing Official-level risk reporting, and leading remediation coordination across diverse system owner communities in support of continuous authorization under NIST 800-53 and DoW RMF requirements.
• Proven experience supporting DoW or federal Risk Management Framework processes, including preparation and maintenance of Body-of-Evidence packages, deviation and risk acceptance documentation, and continuous monitoring artifacts in Government-approved systems such as eMASS or Xacta.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Advanced cybersecurity certification such as Certified Information Systems Security Professional (CISSP), GIAC Continuous Monitoring Certification (GMON), GIAC Enterprise Vulnerability Assessor (GEVA), or Certified Information Security Manager (CISM), demonstrating senior-level mastery of enterprise cybersecurity governance, risk management, and vulnerability operations applicable to DoW mission environments.
• Experience leading vulnerability management operations within DoW or federal classified multi-enclave environments, including applied familiarity with IL5, IL6, and JWICS vulnerability scanning constraints, cross-domain remediation coordination requirements, and enclave-specific deviation and risk acceptance workflows.
• Working knowledge of Zero Trust Architecture implementation and validation, including experience assessing vulnerability exposure within micro-segmented, identity-based access control environments aligned to the DoW Zero Trust Reference Architecture and related continuous monitoring obligations.
• Experience integrating vulnerability management operations within DevSecOps software delivery pipelines, including familiarity with automated STIG compliance validation, container image scanning, supply chain risk management, and pipeline-embedded vulnerability gating in support of continuous authorization for cloud-native government platforms.
• Demonstrated experience mentoring and leading junior vulnerability analysts, including developing standardized operating procedures, scan validation workflows, and POA&M data integrity protocols that strengthen team performance and sustain enterprise-wide cyber hygiene and authorization readiness.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
Everforth ECS is seeking an Enterprise Vulnerability Management Lead SME to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax .
Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
The Enterprise Vulnerability Management Lead SME serves as the principal authority for vulnerability lifecycle management across WDP's classified and unclassified enterprise environments, directing end-to-end remediation coordination, POA&M governance, and risk acceptance activities that sustain continuous authorization posture across NIPRNet, SIPRNet, and JWICS . This is a senior subject matter expert role demanding deep expertise in enterprise vulnerability operations, DoW Risk Management Framework execution, and Authorizing Official-level reporting, with direct responsibility for protecting mission-critical AI and data platform capabilities supporting warfighter decision-making at the highest levels of DoW leadership.
• Leads coordinated vulnerability management operations supporting Department of War mission systems across unclassified and classified networks.
• Directs enterprise vulnerability lifecycle activities including scan result validation, risk triage, remediation coordination, and continuous tracking of findings affecting operating systems, applications, databases, and network devices.
• Analyzes vulnerability data generated by ACAS, endpoint security platforms, and cloud security tooling to distinguish true risk conditions from false positives and environmental artifacts.
• Develops prioritized remediation strategies aligned to mission impact, threat severity, and authorization timelines while coordinating corrective actions with system owners, platform engineers, and cybersecurity teams.
• Maintains authoritative vulnerability records and remediation status within POA&M repositories, continuous monitoring dashboards, and authorization artifacts supporting Risk Management Framework execution.
• Supports deviation requests and risk acceptance actions through defensible technical analysis and documented mitigation strategies.
• Produces vulnerability trend reports, remediation performance metrics, and executive summaries for cybersecurity leadership and Authorizing Officials using ServiceNow, SharePoint, and reporting platforms.
• Guides junior analysts through standardized workflows for scan validation, POA&M updates, and stakeholder coordination while maintaining consistency and data integrity.
• Enables sustained authorization posture, reduced exposure windows, and improved cyber hygiene across enterprise environments while reinforcing program values of accountability, operational readiness, transparency, and disciplined risk management.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance.
• 12+ years of experience in enterprise vulnerability management, cybersecurity operations, or a closely related discipline, with demonstrated senior subject matter expert-level ownership of vulnerability lifecycle operations across complex federal, DoW, or enterprise classified network and cloud environments.
• IAM Level I certification from an approved credential, including CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Demonstrated hands-on expertise directing enterprise-scale vulnerability management programs using ACAS or Nessus, with applied experience managing POA&M portfolios, producing Authorizing Official-level risk reporting, and leading remediation coordination across diverse system owner communities in support of continuous authorization under NIST 800-53 and DoW RMF requirements.
• Proven experience supporting DoW or federal Risk Management Framework processes, including preparation and maintenance of Body-of-Evidence packages, deviation and risk acceptance documentation, and continuous monitoring artifacts in Government-approved systems such as eMASS or Xacta.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Advanced cybersecurity certification such as Certified Information Systems Security Professional (CISSP), GIAC Continuous Monitoring Certification (GMON), GIAC Enterprise Vulnerability Assessor (GEVA), or Certified Information Security Manager (CISM), demonstrating senior-level mastery of enterprise cybersecurity governance, risk management, and vulnerability operations applicable to DoW mission environments.
• Experience leading vulnerability management operations within DoW or federal classified multi-enclave environments, including applied familiarity with IL5, IL6, and JWICS vulnerability scanning constraints, cross-domain remediation coordination requirements, and enclave-specific deviation and risk acceptance workflows.
• Working knowledge of Zero Trust Architecture implementation and validation, including experience assessing vulnerability exposure within micro-segmented, identity-based access control environments aligned to the DoW Zero Trust Reference Architecture and related continuous monitoring obligations.
• Experience integrating vulnerability management operations within DevSecOps software delivery pipelines, including familiarity with automated STIG compliance validation, container image scanning, supply chain risk management, and pipeline-embedded vulnerability gating in support of continuous authorization for cloud-native government platforms.
• Demonstrated experience mentoring and leading junior vulnerability analysts, including developing standardized operating procedures, scan validation workflows, and POA&M data integrity protocols that strengthen team performance and sustain enterprise-wide cyber hygiene and authorization readiness.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A
