ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Vulnerability Management Lead who will design, develop, engineer, implement solutions to requirements and perform complex risk analyses which also include risk assessment. Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. Perform analysis, design, and development of security features for system architectures.


Roles and Responsibilities

Ensures capabilities that encompass pre and post incident activities that cover the full incident response lifecycle functions related to but not limited to the latest version of NIST Special Publication (SP) 800-61. You will proactively identify and categorize cyber security incidents, integrate and utilize other enterprise security capabilities, support threat mitigation techniques and incident response, minimize ticket/incident backlog in ticketing systems, and notify appropriate authorities of incidents and their severity within established timeframes and guidelines. You will be responsible for Threat Management and Incident Response Strategy, Operations playbooks and reporting on Security incidents, incident response actions and mitigation and remediation. 

Required Skills

  • Establish an agile approach for vulnerability management capability improvements to address threats and weaknesses in software
  • Perform information security reviews and scans of systems to assess the effectiveness of the total system security, identify vulnerabilities, and make mitigation recommendations
  • Support the implementation, operation, and maintenance of vulnerability management (including CDM-related) projects
  • Proactively collaborate with the Threat Mitigation and Incident Response Team to address and mitigate vulnerabilities actively leveraged by malicious actors
  • Recommend and support the implementation, operation, testing, and on-going sustainment of data loss prevention (DLP) capabilities, technologies, and processes
  • Perform enterprise vulnerability scanning, secure configuration baseline verification, tool validation, and data and identity protection activities
  • Detect and oversee remediation of information security vulnerabilities to minimize risks to the operating environments

Desired Skills

  • Expereince providing Vulnerability and Secure Configuration Compliance Scanning Reporting and Guidance
  • Experience providing Vulnerability and Secure Configuration Compliance, management and risk based assessment reports

Education Requirement

  • Bachelor’s degree in related discipline
  • 10 years of additional relevant experience may be substituted for education

Years of Experience Requirement

  • 10 years of relevant experience

Certification Requirement

  • CISSP and GSLC; or CISM certification and GIAC Cyber Defense Certification or GIAC Offensive Operations Certification or GIAC Digital Forensics & Incident Response Certification or GIAC Cloud Security Certification required (note: any GIAC certification in the family of certifications listed above will suffice)
  • PMP certification preferred


  • National Capital Region 

Security Clearance

  • Must be a U.S. Citizen

Sound like the job for you?

Send us a link to your resumé or portfolio to become part of our talent pool.

Click here to apply

Warning: Invalid argument supplied for foreach() in /var/www/wp-includes/class-wp-list-util.php on line 157