Senior Vulnerability and Patch Management Specialist jobs in United States
cer-icon
Apply on Employer Site
company-logo

General Dynamics Information Technology ยท 5 hours ago

Senior Vulnerability and Patch Management Specialist

positionPortland, OR
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$97K/yr - $131K/yr
date5+ years exp

General Dynamics Information Technology is a global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government. They are seeking a highly skilled Senior Vulnerability and Patch Management Specialist responsible for coordinating cyber incident response, performing technical risk and vulnerability assessments, and ensuring the secure development and maintenance of their technology infrastructure.

Artificial Intelligence (AI)Cloud ComputingConsultingCyber SecurityInformation Technology
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Act as part of a cross-organizational Vulnerability and Patch Management team, coordinating cyber incident response across Transmission Operational Technology
Provide technical support during cyber-events related to vulnerabilities as part of an incident response team
Perform technical risk and vulnerability assessments of relevant technology focus areas, including local computing environments, network and infrastructure, supporting infrastructure, and applications
Interact continuously with business units to discover, triage, and resolve security vulnerabilities using manual and automated tools as part of a Secure Development Life Cycle
Analyze vulnerabilities to characterize threats and provide remediation recommendations
Conduct vulnerability assessments, including evaluating specific configurations of network devices, operating systems, and network-enabled software applications on both Windows and Linux platforms
Responsible for the discovery, identification, and evaluation of security-related patches
Develop and maintain a source list that tracks the release of cybersecurity patches
Coordinate with System Owners, Resource Managers, and System Security Officers to ensure system patching is occurring and vulnerabilities are being mitigated
Plan and coordinate the installation of new products, security patches, and upgrades
Identify and mitigate security vulnerabilities and risks through vendor-identified configuration changes and maintain server integrity and availability
Develop patch mitigation plans and coordinate with Resource Managers and System Owners to ensure resolution is completed by agreed-upon dates
Manage the server operating system patching procedure and security hardening
Evaluate and review patches before and after installation
Develop procedures for responding to new threats to systems' confidentiality, integrity, and availability
Oversee the implementation of new procedures for responding to system threats and interpret procedures in response to questions from systems administrators
Provide subject matter expertise for applying security-related patches, hotfixes, and updates, or applying compensating measures for BES Cyber System or BES Cyber Assets mitigation plans
Provide subject matter expertise for determining and communicating to management when it is in the best interest of reliability to not install a patch and document the mitigation for the vulnerability
Investigate, evaluate, and select tools and methods for improving software development security testing throughout the life cycle to prevent the introduction of vulnerabilities
Develop best practices guides for use by other application software specialists

Qualification

CISSP certificationIncident ResponseVulnerability AssessmentsMitigation PlanningRemediationAnalytical SkillsTeam CollaborationTechnical Communication

Required

Minimum of five (5) years of experience in a cybersecurity role
Must have CISSP certification
Experience following and interpreting Federal (Department of Energy preferred) and NERC directives, regulations, and standards
Experience in a government or regulated environment
Strong analytical skills and the ability to communicate technical information effectively
Proven ability to work collaboratively in a team environment
5 + years of related experience
US Citizenship Required: Yes

Benefits

Comprehensive benefits and wellness packages
401K with company match
Variety of medical plan options, some with Health Savings Accounts
Dental plan options
A vision plan
Paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
Short and long-term disability benefits
Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance

Company

General Dynamics Information Technology

twittertwittertwitter
Glassdoor3.9
company-logo
General Dynamics Information Technology is an IT consulting company that specializes in cyber security, AI, and quantum computing. It is a sub-organization of General Dynamics.
dateFounded in 1999
location
Falls Church, Virginia, USA
people-size10001+ employees
web-link
https://www.gdit.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Paul Nedzbala
Senior Vice President
linkedin
leader-logo
Ben Buckley
Vice President and General Manager
linkedin

Recent News

PRWeb
Parallel Works Deploys Mission-Critical Weather Forecasting to the Cloud, Expanding Real-Time Predictions at Scale
2026-01-13
PR Newswire
GDIT Named AWS Global Defense Consulting Partner of the Year
2026-01-03
PR Newswire
GDIT Awarded $285 Million Virginia Cybersecurity Services Contract
2025-12-16
Company data provided by crunchbase