Must Haves:
* 2-4 years of experience in cybersecurity/vulnerability management
* FedRAMP experience (ideally), or at minimum some exposure to it
* NIST 800-53 or other similar framework experience
* Experience tracking vulnerabilities and large volumes of findings while keeping the data organized and accurate
* Understanding of continuous monitoring, system visibility and audit readiness
* Experience improving workflows through automation or scripting (Power Automate, PowerShell, Python)
* Bachelor’s degree
Plusses:
* Power Automate
* POA&M management and audit support experience
Day to Day:
* Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables
* Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure
* Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation
* Maintain an accurate, up-to-date view of vulnerability status across the environment
* Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure
* Monitor and report on aging vulnerabilities and SLA adherence
* Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records
Operational Visibility & Monitoring:
* Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status
* Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources
* Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately
* Support continuous monitoring activities aligned with FedRAMP and NIST 800-137 (ISCM) expectations
* Assist in ensuring that logging, monitoring, and security tooling provide sufficient coverage to support ongoing risk awareness and audit readiness
