Vulnerability Management Lead

Job Locations: US-DC
Cyber Security
Public Trust
Work Authorization: US Citizens, preferred
Regular Full-Time


VariQ has an exciting opportunity for a highly qualified Vulnerability Management Lead to support the Office of the Comptroller of the Currency within the Department of the Treasury in Washington, DC.


Additional Information:

  • Location: 400 7th St., SW., D.C. (Remote until further notice due to COVID-19)
  • Metro Accessible: Yes, after COVID-19 at L’Enfant Plaza
  • Salary: Dependent upon experience
  • Security Clearance: Public Trust
  • Available: ASAP


  • Work closely with Government on engineering, vulnerability, and risk management tasks
  • Provide weekly status reports and other ad-hoc deliverables as required
  • Perform regular vulnerability, configuration, and web application scans
  • Assist with triage of vulnerabilities when possible, and serve as a subject matter expert on the risk of vulnerabilities across the enterprise
  • Provide recommendations to promote the development of Vulnerability/Risk Management policy across the agency
  • Develop secure configuration baselines based on best practices for new technologies in the environment
  • Promote knowledge sharing/training across functional areas
  • Evaluate, develop and refine processes and procedures as required or requested by Government management
  • Core Work Hours: 8:00 am – 5:00 pm


  • 2+ years of experience as a Hands-On Vulnerability Management Analyst
  • Significant experience using numerous security tools and technologies to include some of the following and/or closely comparable security technologies: Qualys, Nessus, AppScan, Splunk, BigFix, Cofense PhishMe, Cofense Triage, Burp Suite, RSA Archer, FireEye iSight, RedSeal
  • Experience evaluating DISA STIGs, CIS Benchmarks, and other industry best practices across technologies including Windows Server (Member and Domain), Microsoft IIS, Microsoft SQL, Apache Tomcat, .NET Framework, Red Hat Enterprise Linux (RHEL), Mac OS, VMware ESXi and vSphere, Citrix NetScaler, Cisco IOS/NX/ASA Routers, Switches, Firewalls
  • Ability to identify and exploit OWASP top 10 risks, such as XSS, broken authentication, SQL injection


Top 3 Skills:

  • Vulnerability Management
  • Data Analysis
  • Strong verbal and written communication skills



  • CompTIA Security+ or better
  • Qualys Certified Specialist (Preferred)



Bachelor of Science in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area. Extensive work experience can be substituted for a degree.


Other Duties

Please note this job description is not designed to cover a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.


Physical Demands and Work Environment

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the functions.


While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate.



This job description in no way states or implies that these are the only duties to be performed by the employee(s) incumbent in this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and responsibilities are essential functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbents will possess the skills, aptitudes, and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities. This document does not create an employment contract, implied or otherwise, other than an “at will” relationship.



VariQ is an Equal Opportunity/Affirmative Action employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status, or any other protected class. We consider diversity and inclusiveness to be core to our culture, and central to our commitment to fostering an empowering and supportive workplace.


