We’re hiring a Vulnerability Management Security Analyst to support vulnerability remediation and cybersecurity initiatives for a critical government IT engagement. Based in either Washington, D.C. or Seaside, CA, this hybrid role offers the chance to make a direct impact on national-level information security. Your work will strengthen the integrity of complex systems through vulnerability management, compliance enforcement, and collaborative security engineering.

What You’ll Do:

• Identify, track, and remediate vulnerabilities across Windows and Linux/UNIX environments
• Perform OS hardening and enforce compliance with DISA STIGs
• Analyze vulnerability data and deliver weekly metrics to leadership
• Support DevSecOps practices and help embed security into the development lifecycle
• Coordinate with IT and compliance teams to ensure aligned remediation strategies
• Monitor and uphold cybersecurity frameworks like NIST and ISO 27001

You’ll Bring:

• 5+ years of experience in vulnerability management or security engineering with a working knowledge of OS hardening/compliance/DISA STIGs.
• Strong knowledge of Windows OS (Workstation and Server)
• Foundational knowledge of Linux/UNIX, networking, databases, and IT systems
• A current Secret Clearance (Tier 3)—required to start
• 8570 Certification such as Security+ or CISSP

Hands-on experience with:

• DISA STIGs and IAVM program
• PowerShell scripting
• Security tools including ACAS (MECM, Tanium, and Microsoft Defender for Endpoint - all a plus)
• Strong understanding of authentication mechanisms, permissions, and networking
• Proven communication, critical thinking, and organizational skills

Desired Skills & Experience:

• Working knowledge of Red Hat Advanced Cluster Security for Kubernetes (StackRox) and Splunk strongly desired.
• Capable of performing trend and analysis of vulnerability scan data and preparation of weekly metrics for presentation to leadership

Location: Washington D.C. or Seaside, CA

Work Style: Hybrid (on-site presence required occasionally)