user avatar

Vulnerability & Risk Management Specialist

DeMase Technical Services, LLC

Posted today

Job Requirements

Oak Ridge, TN
DoE Q or L Polygraph not specified
Mid Level Career (5+ yrs experience)
$85,000 - $145,000

Job Description

DeMase Technical Services is a Women-Owned Small Business created by experts in the cybersecurity, energy, nuclear, and defense markets. We offer best-in-class solutions for nuclear facility licensing, permitting, startup, operations, cybersecurity, and next generation technologies. DeMase provides expert professionals in the fields of cybersecurity, next generation information technologies, nuclear engineering, nuclear technologies, and environmental management. Our cybersecurity team is an industry leader supporting the Cybersecurity Maturity Model Certification (CMMC) ecosystem. DeMase is an expert authorized CMMC C3PAO and full-service CMMC provider for readiness and certification. View our website for more information.

Employment type: Full-Time

The Vulnerability & Risk Management Specialist is responsible for identifying, assessing, monitoring, and helping mitigate cybersecurity risks across all enterprise systems, including unclassified, classified, industrial control systems, and cloud system environments. This role combines vulnerability management expertise with SOC‑level monitoring, detection, correlation, and response activities to ensure strong continuous monitoring and defense‑in‑depth across the organization.

This role requires an active DOE Q security clearance (or equivalent DoD TS). 

Vulnerability Management:
• Conducts scheduled and ad‑hoc vulnerability scans using approved scanning tools, e.g., Nessus, Defender, NinjaOne;
• Analyzes scan results, validates true positives, prioritizes findings based on exploitability, risk, and mission impact;
• Addresses vulnerabilities in collaboration with the ISSO, System Administrators, and Network Administrators based on access control roles;
• Maintains and updates vulnerability tracking dashboards, reports, and remediation timelines; and
• Supports RMF continuous monitoring by documenting vulnerabilities into POA&Ms and tracking mitigation progress.

Risk Management:
• Performs risk assessments for changes, new systems, and emerging threats;
• Maintains the organizational risk register and supports risk scoring based on likelihood and impact;
• Maps vulnerabilities to NIST control weaknesses and support corrective actions;
• Contributes to SSP updates, risk acceptance decisions, and risk mitigation strategies; and
• Provides security risk guidance for new projects, technologies, and system architectures.

SOC (Security Operations Center) Capabilities:
• Reviews and monitors SIEM alerts, logs, and security telemetry for indicators of compromise (IOCs);
• Correlates vulnerability data with SOC detection events to identify active exploitation attempts; and
• Tunes detection rules/signatures based on vulnerabilities, threat intelligence, or observed behaviors.

Incident Response Support:
• Provides vulnerability context during incident triage, e.g., known exploited CVEs, system exposure;
• Assists Incident Response teams with containment and remediation actions; and
• Contributes to root cause analysis reports and incident documentation.

Threat Intelligence Integration:
• Reviews external and internal threat intelligence feeds for emerging threats and new exploit activity;
• Maps threats to assets using vulnerability data to identify high‑risk systems; and
• Recommends prioritization changes based on exploitation trends and threat actor TTPs.

Security Tooling & Analytics:
• Works with SIEM, SOAR, EDR, NDR, and log analysis tools to improve detection fidelity; and
• Creates custom alert logic or correlation rules based on vulnerabilities, misconfigurations, or risk indicators.

Continuous Monitoring:
• Contributes to the organization’s continuous monitoring program: log review and alert response.

Basic qualifications
• Active DOE Q security clearance (or equivalent DoD TS) 
• Strong experience with vulnerability scanning and SOC tools and frameworks, e.g., Nessus, Qualys, Defender, Sentinel, SentinelOne, NinjaOne, etc.
• Understanding of CVE, CVSS, KEV catalogs, and exploitability scoring
• Hands‑on experience with SIEM tools
• Familiarity with SOC processes, e.g., Tier 1/2 monitoring, triage, escalation paths
• Knowledge of MITRE ATT&CK, threat modeling, and cyber kill chain concepts
• Understanding of NIST RMF, NIST SP 800‑53, 800-82 and continuous monitoring programs
• Security+, CySA+, CEH, or equivalent baseline
• GCIH, GCIA, or Experience correlating vulnerabilities with active alerts or threat events
• Ability to provide actionable security recommendations to technical and non‑technical audiences
• Experience supporting both unclassified and classified environments

Preferred skills/qualifications
• SOC‑focused certifications
• Incident response or digital forensics experience

Pay range: $85,000 - $145,000 depending on education and experience 

Disability accommodation:
DeMase Technical Services, LLC is committed to providing reasonable accommodation to applicants with disabilities where appropriate. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.

Benefits :
At DeMase Technical Services, we recognize that high-performing technical professionals need more than just a paycheck—they need a total rewards package that supports performance, resilience, and long-term career sustainability. Our approach is designed with a focus on the full lifecycle of our workforce, from day-to-day well-being to long-term financial security.

We offer a competitive and thoughtfully structured benefits program that supports the demands of technical work, promotes personal and professional stability, and enables you and your family to thrive—both on and off the job. For full-time employees, our benefits include:
• Healthcare (Medica, dental, and vision insurance)
• Flexible schedule
• Health savings account
• Life insurance
• Paid time off
• Retirement plan
• 10 paid holidays

Compliance:
DeMase Technical Services is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law. 
Affirmative Action employer compliant with OFCCP regulations.

EEOC/AA Employer – Individuals with disabilities and protected veterans welcomed.

E-Verify: 
DeMase participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program. 

Applicants must be able to comply with DeMase Technical Services policies and procedures, including the Code of Ethics and Business Conduct and related workplace conduct and safety policies. 

Pay transparency and nondiscrimination statement:
DeMase Technical Services complies with all applicable federal, state, and local pay transparency laws. The compensation range provided in this job posting represents a good faith estimate of the base salary or hourly rate for this position at the time of posting. Actual compensation may vary based on factors such as experience, education, skills, geographic location, and internal equity. 

In addition to base pay, eligible employees may receive a comprehensive benefits package, which may include health insurance, retirement plans, paid time off, and other company-sponsored programs (all benefits are subject to eligibility requirements).

As a federal contractor, DeMase Technical Services will not discharge or in any other manner discriminate against employees or applicants because they inquire about, discuss, or disclose their own pay or the pay of another employee or applicant; however, employees who have access to compensation information as part of their essential job functions may not disclose such information to individuals who do not otherwise have access, unless the disclosure is: 
• In response to a formal complaint or charge 
• In furtherance of an investigation, proceeding, hearing, or action 
• Consistent with the Company’s legal duty to furnish information
group id: 91163141