Senior Vulnerability Management Analyst

Washington, D.C
May 20, 2022
May 23, 2022
Full Time

As a Senior Vulnerability Management Analyst, you will support Chief Information Security Officer Directorate efforts to deliver creative solutions to address the agency's most critical vulnerabilities.

Primarily, you will be responsible for overseeing a team of contractor staff in implementing, operating, and maintaining technical solutions to analyze and address vulnerabilities. You will also advise leadership of risks, while maintaining knowledge of leading defense strategies and relevant asset types (cloud, servers, workstations, network devices, storage devices, applications, and security devices). You will apply your expertise in the technical capability of vulnerability assessment to perform a range of tasks, including:
  • Conduct vulnerability research and analysis, including routine and ad hoc assessment tests to understanding methods of exploitation, tools, tactics, and techniques and determine risk levels.
  • Provide implementation guidance for security measures to mitigate vulnerabilities and recommend security changes to systems or system components.
  • Collect, consolidate, and analyze scan results/reports and identify agency-wide vulnerability remediation and patching trends.

Generally, a DHS Cybersecurity Service employee whose primary technical capability is Vulnerability Assessment:
  • Conducts assessments of threats and vulnerabilities on networks/systems software and hardware and develops and recommends appropriate mitigation countermeasures.
  • Develops and conducts tests of systems to evaluate compliance with specifications and requirements in accordance with policy, benchmarks, and industry best practices, by validating technical, functional, and performance characteristics of systems or their elements.
  • Coordinates and aligns with program offices and various stakeholders.


Conditions of Employment

  • You must be a U.S. Citizen or national.
  • You must be 18 years of age.
  • Must be registered for the Selective Service (if you are a male).
  • Must be able to obtain and maintain a Top Secret/SCI security clearance.
  • Must be able to submit to a drug test and receive a negative result.
  • Must be able to comply with ethics and standards of conduct requirements, including completing any applicable financial disclosure.
  • May be required to serve a 3 year probationary period.


This position is in the Technical Track at the Staff Cybersecurity Specialist career level. At this level, individuals generally:
  • 8+ years of relevant work experience.
  • Are capable of serving as a resident cybersecurity expert who applies significant technical expertise to develop solutions for critical, non-routine challenges

DHS Cybersecurity Service employees start at career levels and salaries matching their experience and expertise. To learn more about DHS Cybersecurity Service career tracks and levels, visit our application portal .

This position is focused on Vulnerability Assessment.

DHS Cybersecurity Service jobs are structured cybersecurity specializations - called technical capabilities. To learn more about technical capabilities, visit our application portal .

Desired Qualifications:
  • DHS is especially interested in applicants for this position who have experience with CrowdStrike, Splunk, Swimlane, TIC 3.0, and scanning tools.
  • While cybersecurity-focused certifications are not required for jobs in the DHS Cybersecurity Service, DHS is especially interested in applicants for this position who have experience with Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Network+, GIAC Security Essentials (GSEC), GIAC Enterprise Vulnerability Assessor (GEVA), and GIAC Penetration Tester (GPEN). You will have the opportunity to indicate such experience as you submit initial application information.


Degrees are not required for jobs in the DHS Cybersecurity Service, but DHS is interested in your level of education and the topics you studied. As you submit initial application information, you will be asked questions about your education.

Additional information

Benefits: DHS Cybersecurity Service employees receive a range of federal employment benefits designed to support their professional and personal lives. To learn more about benefits, visit our application portal .

More information about the specific benefits available to you will be provided as you progress through the application process.

Background Investigation: To ensure the accomplishment of its mission, the Department of Homeland Security (DHS) requires each and every employee to be reliable and trustworthy. To meet those standards, all selected applicants must undergo and successfully complete a background investigation for a security clearance as a condition of placement in this position. This review includes financial issues such as delinquency in the payment of debts, child support and/or tax obligations, as well as certain criminal offenses and illegal use or possession of drugs.

Pursuant to Executive Order 12564 and DHS policy, DHS is committed to maintaining a drug-free workplace and, therefore, conducts random and other drug testing of its employees in order to ensure a safe and healthy work environment. Headquarters personnel in safety- or security-sensitive positions are subject to random drug testing and all applicants tentatively selected for employment at DHS Headquarters are subject to drug testing resulting in a negative test result.

Similar jobs