Intermediate Cybersecurity Enterprise Vulnerability Management A with Security Clearance

---

Job description

Cybersecurity Information Assurance Engineer / Enterprise Vulnerability Management Analyst, Mid This position requires the ability to obtain a Public Trust We are seeking a motivated and experienced Cybersecurity Information Assurance Engineer (Intermediate) to serve as an Enterprise Vulnerability Management Analyst (Mid-Level). The successful candidate will support the Task Lead in managing the organization's vulnerability management efforts by coordinating with the customer's Continuous Diagnostics and Mitigation (CDM) integrator. Under general supervision, this role involves developing information systems assurance programs, implementing security controls, and using CDM tools to identify and mitigate risks. The Analyst will also help establish streamlined processes for managing vulnerabilities and ensuring alignment with the organization's cybersecurity strategy and goals. Compensation & Benefits: Estimated Starting Salary Range for Cybersecurity Information Assurance Engineer / Enterprise Vulnerability Management Analyst, Mid: $155,000 to $160,000 Pay commensurate with experience. Full time benefits include Medical, Dental, Vision, 401K and other possible benefits as provided. Benefits are subject to change with or without notice. Cybersecurity Information Assurance Engineer / Enterprise Vulnerability Management Analyst, Mid Responsibilities Include: Assist in the development and implementation of information systems assurance programs and security control guidelines to enhance enterprise cybersecurity. Support the Task Lead in collaborating with the customer's CDM Integrator to align CDM capabilities with the customer's cybersecurity strategy and roadmap. Contribute to the creation and maintenance of Standard Operating Procedures (SOPs) for utilizing hardware asset management (HWAM), software asset management (SWAM), configuration settings management (CSM), and vulnerability management (VUL) tools, aimed at improving Agency-Wide Adaptive Risk Enumeration (AWARE) scores and enhancing FISMA metrics. Manage account and access controls, including managed privileges, trust determinations for individuals with access, credentials and authentication, while ensuring compliance with security-related training. Establish and maintain efficient processes for the intake, prioritization, and analysis of vulnerability reports from various sources, including automated scanning tools, security researchers, and internal assessments. Oversee the management of network and perimeter components, host and device assets, and data protection for both assets at rest and in transit, while monitoring user behavior and activities. Manage security events, oversee the operation, monitoring, and improvement of security controls, and ensure security is designed and integrated across the organization's systems. Contribute to efforts in boundary protection, supply chain risk management, and ongoing authorization initiatives. Manage data protection capabilities, including data discovery and classification, data loss prevention, data breach mitigation, and information rights management. Support the development of the CDM Operational Methodology, ensuring continuous asset discovery, risk monitoring, environmental change analysis, and stakeholder reporting. Utilize CDM tools and capabilities to identify risks to enterprise security and provide recommendations for effective risk mitigation. Analyze existing CDM tools, suggest additional coverage aligned with the customer's cybersecurity strategy, and standardize tool operations for consistency and effectiveness. Evaluate unused or misused licenses and provide recommendations to enhance user license management efficiency. Create actionable risk reports using data from CDM tools, offering stakeholders insights into enterprise cybersecurity risks and mitigation strategies. Performs other job-related duties as assigned Cybersecurity Information Assurance Engineer / Enterprise Vulnerability Management Analyst, Mid Experience, Education, Skills, Abilities requested: Bachelor's degree in Cybersecurity, Information Technology, or a related field. Minimum 5 years of experience in cybersecurity, with a focus on information assurance, vulnerability management, and enterprise security systems. IAT Level II certification (e.g., CompTIA Security+, GIAC, or equivalent). Experience with Continuous Diagnostics and Mitigation (CDM) tools and managing hardware, software, and configuration settings for enterprise systems. Strong understanding of cybersecurity frameworks such as FISMA, and the ability to improve metrics to meet cybersecurity goals. Experience managing account access, privileges (PRIV), credentials (CRED), and trust determination (TRUST) for individuals with access to critical systems. Ability to manage the intake, prioritization, and analysis of vulnerability reports and ensure efficient response and remediation. Knowledge of boundary protection, data protection, and supply chain risk management. Familiarity with managing data discovery/classification, data loss prevention (DLP), and incident response preferred. Experience in developing and implementing standardized processes for license management and the use of vulnerability management tools preferred. Past applicable job experience may include, but is not limited to: Information Security Analyst, Vulnerability Management Specialist, or Cybersecurity Assurance Analyst Must pass pre-employment qualifications of Cherokee Federal Company Information: Cherokee United Services (CUS) is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart. To learn more about CUS, visit Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply. Similar searchable job titles Information Security Analyst Vulnerability Management Specialist Cybersecurity Assurance Analyst Risk Management Analyst Security Compliance Engineer Keywords Vulnerability Assessment Risk Management Security Compliance Incident Response Threat Analysis Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request. Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.

<!– job description page –>