×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Junior Vulnerability Management Analyst

Job in Fairfax, Fairfax County, Virginia, 22032, USA
Listing for: ECS
Full Time position
Listed on 2026-06-23
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Everforth ECS is seeking a Junior Vulnerability Management Analyst to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax.

This position is contingent upon contract award.

The War Data Platform (WDP) is a key initiative within the U.S. Department of War’s AI‑First strategy introduced in early 2026. The WDP separates business and financial data from operational war fighting data, aiming to accelerate the deployment of artificial intelligence on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.

The Junior Vulnerability Management Analyst supports enterprise vulnerability management operations across the WDP’s classified and unclassified environments, contributing directly to continuous monitoring, POA&M tracking, and remediation coordination activities that sustain the WDP’s authorization posture across NIPRNet, SIPRNet, and JWICS. This role offers structured, hands‑on exposure to government vulnerability management operations at scale, where scan validation accuracy, remediation timeliness, and documentation discipline directly impact mission system authorization status and warfighter platform availability.

Responsibilities
  • Supports enterprise vulnerability management operations for Department of War mission systems across unclassified and classified environments.
  • Performs day-to-day validation of vulnerability scan results generated by ACAS, endpoint security platforms, and cloud security tools to confirm accuracy, scope, and system relevance.
  • Tracks vulnerability findings and remediation actions within POA&M repositories, Service Now workflows, and continuous monitoring dashboards to maintain current authorization status.
  • Coordinates directly with system owners, administrators, and cybersecurity teams to collect remediation evidence, confirm patch application, and document mitigation actions.
  • Assists with identification and documentation of false positives and compensating controls under guidance of senior analysts.
  • Maintains detailed records supporting Risk Management Framework activities, including vulnerability aging, remediation progress, and outstanding risk conditions.
  • Prepares routine vulnerability status reports, remediation summaries, and data inputs for leadership briefings using SharePoint and reporting tools.
  • Supports deviation and risk acceptance requests through evidence gathering and baseline documentation.
  • Participates in vulnerability management reviews, remediation planning sessions, and operational coordination meetings with government and contractor stakeholders.
  • Contributes to improved cyber hygiene, reduced exposure timelines, and sustained authorization posture while reinforcing program values of accountability, consistency, transparency, and mission-focused risk reduction.
  • Performs other duties as assigned.
Required Skills
  • Ability to obtain and maintain a Top Secret (TS) security clearance.
  • Experience in vulnerability management, cybersecurity operations, IT security, or a closely related discipline, including relevant academic, internship, or lab-based experience demonstrating foundational familiarity with vulnerability assessment and remediation tracking concepts.
  • IAM Level I certification from an approved credential, including CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
Desired Skills
  • Active Top Secret (TS) security clearance.
  • Foundational familiarity with vulnerability scanning tools such as ACAS, Nessus, or Security Content Automation Protocol (SCAP) platforms, including basic awareness of credentialed scanning workflows, scan result interpretation, and risk‑based finding classification applicable to government or classified network environments.
  • Basic understanding of the DoW Risk Management Framework (RMF) process, including awareness of POA&M structure, NIST 800‑53 control families, continuous monitoring obligations, and the role of vulnerability management data in supporting Authority to Operate documentation and Body‑of‑Evidence packages.
  • Exposure to IT…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search