ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a qualified Vulnerability Management Lead to provide the technical expertise and leadership in managing both network and web scanning technologies to assess, prioritize, mitigate and remediate any discovered vulnerabilities per agency SLAs.  In this role, the selected candidate will provide the technical direction to coordinate infrastructure and application system security patching, in response to vulnerabilities, using phased approach to accommodate end users across the globe based on agency requirements.  This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in cybersecurity market.  


Roles and Responsibilities

  • Provide the technical expertise to conduct vulnerability scanning and analysis continuously, in accordance with DHS CDM and agency requirements.
  • Manage technical reporting capabilities within both network and web asset vulnerability scanning technologies.
  • Recommend and support remediation activities associated with any discovered vulnerability in accordance with agency SLAs.
  • Provide technical expertise to coordinate infrastructure and application system security patching, in response to vulnerabilities, using phased approach to accommodate end users in different time zones based on agency requirements.
  • Prepare and distribute monthly vulnerability scores and compliance rating to IT Specialists, System Owners, and ISSOs.
  • Prepare and distribute monthly Business Services Status Reports to Business System Owners with their vulnerability scores on security and compliance, etc.
  • Provide a detailed vulnerability scan report of the results gathered from the initial aggregation of patch management cycle.
  • Support the technical capabilities to validate the security controls of the Agency’s information systems monthly, or as directed by agency leadership.
  • Support the implementation and management of a POA&M process for remediation
  • Monitor and manage service queues within ServiceNOW.
  • Manage reports/queries within ServiceNOW to satisfy metric gathering and compliance reporting

Required Skills

  • 5+ years professional work experience with leading and managing the technical aspects of network and web vulnerability management solutions
  • Bachelor’s degree in Computer Science, Engineering, or equivalent experience
  • Security certifications such as Security +, CISSP, CISM, or CISA
  • Deep understanding of network and web vulnerability scanning application outputs
  • Ability to articulate raw vulnerability and audit data into executive reports
  • Strong Microsoft Excel and Google Sheets expertise
  • Excellent communication skills and extensive experience working with clients and partners.
  • Self-driven with an aptitude to learn new technologies
  • Ability to create success with minimal oversight and management

Desired Skills

  • Experience with ServiceNOW a plus
  • Experience with specific Vulnerability Management tools (Tenable Security Center and Trustwave AppScanner) a plus

Education Requirement

  • Bachelor’s degree in Computer Science, Engineering, or equivalent experience

Years of Experience Requirement

  • 5 years of overall cybersecurity experience

Certification Requirement

  • Security +, CISSP, CISM, or CISA


  • Arlington, VA

Security Clearance

  • Secret Clearance

Sound like the job for you?

Send us a link to your resumé or portfolio to become part of our talent pool.

Click here to apply