Vulnerability Management Lead jobs in United States

Booz Allen Hamilton · 7 hours ago

Vulnerability Management Lead

Booz Allen Hamilton is seeking a senior Vulnerability Management professional to support DoD clients by modernizing ACAS capabilities and designing enterprise-scale STIG compliance solutions. The role involves leading ACAS modernization efforts and advising government stakeholders on vulnerability prioritization and risk management.

Tags: Consulting, Cyber Security, IT Infrastructure, Management Consulting, Security

Growth Opportunities
No H1B
Security Clearance Required
U.S. Citizen Only

Responsibilities

Lead ACAS modernization efforts, transitioning Tenable deployments from basic scanning to enterprise vulnerability management services
Modernize ACAS implementation by standardizing scan policies, credentialed coverage, asset tagging, and data hygiene
Design contractor-operated workflows for vulnerability intake, prioritization, remediation tracking, and risk acceptance
Integrate ACAS outputs into customer POA&M processes, ATO sustainment activities, and reporting requirements
Advise government stakeholders on vulnerability prioritization, risk tradeoffs, and RMF integration
Partner with cyber engineering, architecture, and RMF teams to align vulnerability management with Zero Trust modernization initiatives
Produce executive-level briefings on cyber risk posture, trends, and remediation effectiveness
Develop enterprise STIG compliance frameworks that enable control inheritance, reuse, and automation across systems
Standardize STIG baselines, tailoring decisions, and documentation to reduce per-system compliance burden
Implement and maintain SCAP or STIG tooling, such as SCC, OpenSCAP, and vendor solutions, across server, endpoint, and platform technologies
Produce defensible STIG artifacts and evidence packages to support ATOs and continuous monitoring
Advise system owners and ISSMs on remediation strategies and risk-based deviations
Automate repeatable tasks using scripting and workflow tooling, where feasible
Integrate ACAS and STIG outputs with customer ticketing, GRC, or reporting systems

Qualification

ACAS, STIG compliance, RMF knowledge, Tenable.sc, Nessus, SCAP tooling, Python, PowerShell, Client interfacing, Automation, Mentoring

Required

7+ years of experience supporting DoD or IC customer cybersecurity programs
Experience with ACAS, including Tenable.sc or Nessus, in enterprise environments
Experience designing enterprise STIG compliance solutions
Knowledge of RMF, NIST 800-53, POA&M management, and continuous monitoring
Ability to mentor junior staff, contribute to internal IP, playbooks, and reusable artifacts, and support contract deliverables, metrics, and reporting requirements
Ability to interface directly with government stakeholders, providing clear and concise risk-based recommendations
Active TS/SCI clearance; willingness to take a polygraph exam
Associate's degree and 5+ years of experience supporting IT projects and activities, Bachelor's degree and 3+ years of experience supporting IT projects and activities, or Master's degree and 1+ years of experience supporting IT projects and activities
DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification such as Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification
Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification such as CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 30 days of start date

Preferred

Experience supporting large multi-program or enterprise-level DoD contracts
Experience with ServiceNow, Xacta, eMASS, or similar GRC or ATO tooling
Experience with scripting or automation using tools such as Python and PowerShell
Experience in cloud or hybrid DoD environments such as AWS GovCloud and Azure Government

Benefits

Health
Life
Disability
Financial
Retirement benefits
Paid leave
Professional development
Tuition assistance
Work-life programs
Dependent care

Company

Booz Allen Hamilton

Booz Allen Hamilton is a consulting firm that specializes in analytics, technology, and engineering.

Funding

Current Stage
Public Company
Total Funding
$3.03B
2025-03-11 · Post-IPO Debt · $650M
2023-08-01 · Post-IPO Debt · $650M
2020-08-13 · Post-IPO Debt · $700M

Leadership Team

Matthew Calderone, Chief Financial Officer and Executive Vice President
Kristine Anderson, Chief Operating Officer
Company data provided by crunchbase