Cybersecurity Architect

Role Summary
A senior vulnerability engineer is responsible for leading enterprise vulnerability management efforts within a highly regulated federal environment. This role involves engineering, supporting, and optimizing vulnerability exposure management initiatives across hybrid cloud and on-premises infrastructures. The position requires technical expertise in vulnerability scanning, compliance auditing, and security operations, providing critical insights and solutions to mitigate risks and ensure regulatory compliance.

Responsibilities

• Engineer, support, and optimize enterprise vulnerability and exposure management platforms utilizing tools such as Tenable One, Nessus, and Tenable Web Application Scanning (WAS).
• Configure and execute authenticated and non-authenticated web application scans, including Selenium-based authentication workflows, session handling, and Single Sign-On (SSO) integrations.
• Perform credentialed vulnerability and compliance scans across various operating systems, databases, cloud environments, web applications, and network devices.
• Support continuous attack surface monitoring, asset discovery, exposure prioritization, and scalable scanning operations across hybrid cloud and multi-tenant environments.
• Troubleshoot complex operational issues such as TLS/SSL negotiation failures, authentication errors, load balancer problems, reverse proxy issues, cloud networking, and distributed scanning infrastructure.
• Deploy and maintain compliance audit configurations aligned with standards including IRS Safeguards / SCSEM, CIS Benchmarks, NIST SP 800 series, DISA STIG, and FedRAMP requirements.
• Integrate vulnerability management tools with enterprise systems such as CyberArk, Splunk, ServiceNow, and AWS APIs to streamline workflows and automate processes.
• Support remediation validation, compliance reporting, audit readiness activities, and operational dashboard development to monitor security posture.
• Troubleshoot asset correlation and inventory discrepancies involving cloud, virtualized, cloned, and ephemeral infrastructures.

Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field; equivalent experience may be considered.
• 10+ years of experience supporting enterprise vulnerability management, cybersecurity engineering, or security operations programs.
• Proven hands-on experience with Tenable One, Nessus, Tenable WAS, AWS cloud environments, and enterprise vulnerability platforms.
• Strong knowledge of web application scanning, both authenticated and non-authenticated, within large enterprise environments.
• Deep understanding of vulnerability exposure management, attack surface visibility, compliance auditing, and cloud-native security principles.
• Familiarity with regulatory frameworks including IRS Safeguards / SCSEM, CIS Benchmarks, NIST SP series, DISA STIG, and FedRAMP.
• Experience supporting enterprise integrations, automation workflows, and operational reporting functions.
• Excellent troubleshooting, analytical, and problem-solving skills across infrastructure, cloud, and application domains.
• Capable of managing projects, enhancing workflows, and driving process improvements in security operations.
• Strong communication and cross-functional collaboration skills to work effectively with diverse teams and stakeholders.
• In compliance with federal law, all persons hired must verify their identity and eligibility to work in the United States and complete the required employment eligibility verification form upon hire. Candidates must be legally authorized to work in the United States without employer sponsorship, now or in the future.

Publishing Pay Range: $79.00 – $83.00 hourly
This position is based in office and requires employee to work on-site.