Vulnerability Management SME

Booz Allen

Dec 21

Key Role:

Analyze and coordinate vulnerability remediation for new, high-profile vulnerabilities provided by threat intelligence feeds. Present vulnerability findings to system stakeholders and assist throughout the remediation process. Distill and present vulnerability data to teammates and stakeholders in a human-readable format. Collaborate with remote and in-person teams, and work independently once the team has collaborated on tasking.

Basic Qualifications:

  • 5+ years of experience with IT audits, including conducting technical security compliance tests and vulnerability assessments

  • Experience with the planning, development, coordination, execution, and improvement of compliance and vulnerability management related processes

  • Experience with vulnerability scanning, patching, data analytics technologies, and industry best practices for vulnerability management, risk analysis, and vulnerability remediation plan development

  • Knowledge of NIST SP 800 series and testing NIST SP 800-53 security controls

  • Ability to recognize impediments and escalate them in a timely manner, including following issues through to completion

  • Ability to present IT security risk to business and technical executive management effectively

  • Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements

  • Bachelor’s degree

Additional Qualifications:

  • Knowledge of distilling data presented in comma-separated value (CSV) format into Excel formats, including Pivot tables, PDF, or Microsoft Word templates

  • Knowledge of cybersecurity threats and techniques used by adversaries

  • Ability to work independently and as part of a multi-disciplined, dynamic team

  • Possession of excellent analytical, problem-solving, and interpersonal skills

  • Possession of excellent verbal and written communication skills

  • Bachelor’s degree in Cybersecurity, IT, Forensics, or Computer Engineering preferred

  • CISSP Certification preferred


Applicants selected may be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.