Vulnerability Manager - Military veterans preferred

ManTech (


  full-time   employee   contract


The Vulnerability Manager oversees the proper remediation of DISA and USCYBERCOMs Information Assurance Vulnerability Programs which direct the mitigation of identified hardware and software vulnerabilities is critical to maintaining the integrity of the network in the CJOA-A. Oversees and reports on patching efforts completed by subordinate organizations in accordance with DISAs suspense dates and providing a Plan of Action and Milestones (POA&M) when those dates are not met.


  • Successfully scan, and report the status of, all systems in the CJOA-A for Information Assurance Vulnerability Alert (IAVA) compliance, at a minimum, weekly. Status shall be reported to the USFOR-A Information Assurance Manager (IAM) and USFOR-A Information Assurance Program Manager (IAPM), and as required, briefed to USFOR-A leadership, and IA personnel across the CJOA-A.
  • Non-compliant systems past the IAVA suspense date shall be tracked though ITSM.
  • Coordinate with the System Center Configuration Managers (SCCM) administrators, network administrators, and Program Managed (PM) and Programs of Record (POR) system administrators, as required to mitigate non-compliant systems.
  • Lead and coordinate Program Managed (PM) and Programs of Record (POR) vulnerability scanning and patching across the CJOA-A.
  • Conduct vulnerability Management processes, documentation, and improvements as required.


  • Requires Bachelor's degree in IT (or related discipline) OR equivalent experience in lieu of degree.
  • Six to eight years of related experience.
  • At least five (5) years of experience with DoD vulnerability management scanning and patching tools (i.e. Retina, ACAS, WSUS, GFi, etc.).
  • Must have a Secret clearance.
  • Maintain DoD 8570.1-M compliance for IAT Level III with a computing environment certificate focus on Windows administration.
  • Background must include a minimum of three (3) years of experience performing vulnerability management work, and a minimum of seven (7) years of cybersecurity management and technical experience with DoD networks.
  • Advertisement