Vulnerability Management Division Lead SCC202
IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community. We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.
Some of the positions are future positions. Please look at the opening line of the job description to determine if this is an open or future position.
We are looking to fill this position at the following location(s):
- Reston, VA
This is a future position that may come open but is not open at the present moment. We are willing to prescreen personnel for these positions if you are interested.
Vulnerability Management Division Lead:
Provides Subject Matter Expertise support to maintain IC Vulnerability Management Program requirements including, but not limited to, patch repository maintenance, issuing alerts and bulletins, and tracking IC element compliance. The Vulnerability Management Division also provides coverage in Colorado Springs, Colorado.
Maintain the IC vulnerability management system supporting the reporting of status and to assess the exposure to vulnerabilities.
Support the ICVM risk scoring to quantify the IA risk posed by un-patched IC Vulnerability Alerts (ICVAs) and provide guidance.
Maintain patch repository and enable IC elements on-demand access to patches.
Ensure the Vulnerability Management Program maintains all current requirements including patch repository maintenance, issuing alerts and bulletins, and tracking compliance.
Support Red and Blue Team Activity.
Maintain overall responsibility for IC-wide red team/blue team de-confliction and coordinate all network security evaluations.
Ensure teams conduct validation and verification of security postures/coordination prior to execution.
Manage the replication, hosting & operation of tier 0/1 security center for the IC ACAS software
10+ years of experience
Bachelor's degree in Computer Science or relevant field, master’s degree preferred.
Detailed knowledge of system security vulnerabilities and remediation techniques, including testing and the development of exploits.
Detailed technical knowledge in security engineering, system and network security, authentication, and security protocols.
Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
IAW DoD Directive 8570 IAT II (Prior to onboarding)