Vulnerability Assessment Specialist, Senior

We are seeking a highly skilled and innovative Vulnerability Assessment Specialist, Senior to join our team in the greater DMV area, supporting the Army National Guard.

Responsibilities

Lead enterprise vulnerability assessment operations: define scanning strategies, assessment methodologies, and reporting processes across networks, applications, cloud, and mission systems.
• Integrate DISA STIGs, SRGs, secure baselines, and RMF requirements into assessments to validate compliance across NIPR/SIPR/cloud enclaves.
• Oversee deployment and integration of scanning/assessment toolchains (ACAS, Forescout, eMASS, vulnerability platforms) into continuous monitoring workflows.
• Direct vulnerability analysis, risk scoring, exploitability evaluation, and prioritization to produce actionable remediation plans and POA&Ms.
• Coordinate remediation validation with engineering, system admins, cybersecurity teams, and stakeholders; manage retest and closure processes.
• Lead CCRI readiness preparation: review configurations, validate artifacts, and develop corrective action plans for complex findings.
• Produce technical assessment reports, trend dashboards, and executive briefings to inform leadership and governance.
• Drive VM maturity: implement automation, refine workflows, recommend tool modernization, and promote securitybydesign practices.
• Advise on emerging threats, assessment enhancements, and defensive technique adoption to strengthen enterprise posture.

#ENOCS

Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Master's degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
  • Relevant DoD/military training (examples: Security Control Assessor (Advanced) Playlist; DCMA DIBCAC Cybersecurity Assessor Advanced); OR
  • Relevant professional certification or equivalent experience (examples: CCISO; CISA; CISM; CISSP; CISSPISSEP; CySA+; GSLC; GSNA).

• Required experience and skills:

  • Vulnerability assessment, VM program leadership, or cybersecurity operations experience with at least 3 years leading enterprise VM efforts.
  • Deep expertise with ACAS/Nessus, Forescout/NAC, STIG/SRG application, vulnerability adjudication methodologies, and eMASS/POA&M workflows.
  • Proven ability to correlate vulnerabilities with asset baselines, patch records, and operational risk to prioritize mitigations.
  • Experience producing decisiongrade technical reports, dashboards, and executive briefings for senior leadership.
  • Strong stakeholder coordination skills to drive remediation, retest, and CCRI/inspection readiness.

• Desired:

  • Prior DoD/ARNG VM leadership or CCRI support experience.
  • Experience integrating VM with detection engineering, patch orchestration, threat intelligence, and automation for prioritized, threatinformed remediation.
  • Advanced certifications (preferred) and familiarity with VM tool modernization and continuous monitoring best practices.

#ENOCS

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.