NIH - Vulnerability Assessment Lead
cFocus Software seeks a Vulnerability Assessment Lead to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.

Qualifications:
- Public Trust Clearance
- B.S. Computer Science, Information Technology, or a related field
- 8+ years leading vulnerability assessment or vulnerability management programs.
- Experience managing enterprise vulnerability scanning solutions.
- Experience leading penetration testing efforts.
- Experience supporting Federal cybersecurity programs.
- Experience with RMF, FISMA, and NIST guidance.
- Experience developing executive cybersecurity reports.
- Ability to obtain and maintain NIH suitability/background investigation.

Duties:
- Lead enterprise vulnerability assessment and vulnerability management operations.
- Direct vulnerability scanning activities across NIH enterprise systems.
- Develop enterprise vulnerability management strategies.
- Establish vulnerability assessment priorities based upon risk.
- Lead vulnerability remediation initiatives.
- Coordinate remediation activities across technical teams.
- Provide technical leadership for vulnerability management projects.
- Continuously improve enterprise vulnerability management capabilities.
- Analyze enterprise vulnerability scan results.
- Perform vulnerability prioritization using risk-based methodologies.
- Identify critical vulnerabilities requiring immediate remediation.
- Evaluate exploitability and business impact.
- Conduct root cause analysis.
- Develop remediation recommendations.
- Validate corrective actions.
- Track vulnerability trends and recurring issues.
- Coordinating remediation efforts with System Owners.
- Tracking remediation progress.
- Monitoring SLA compliance.
- Escalating critical vulnerabilities within required timeframes.
- Validating remediation completion.
- Supporting risk acceptance processes.
- Reducing enterprise cybersecurity risk.
- Monitoring aging vulnerabilities.