
Vulnerability Management Program Engineer
Securities and Exchange CommissionThe Office of Information Technology (OIT) is seeking an IT Specialist (INFOSEC) (Vulnerability Management Program Engineer). As a Vulnerability Management Program Engineer, you will lead enterprise vulnerability lifecycle operations across hybrid, cloud, and modern DevSecOps environments. You will architect, optimize, and operate vulnerability scanning platforms; integrate security tooling into CI/CD pipelines; and drive measurable risk reduction across the enterprise.In this role as a Vulnerability Management Program Engineer, you will be responsible for: Leading enterprise vulnerability management operations from discovery and triage through remediation and validation Engineering and integrating vulnerability management solutions including developing and enforcing automated security gates and policies Analyzing, prioritizing, and driving risk reduction by performing expert analysis of vulnerability data and converting results into actionable remediation guidance Building and maintaining dashboards to measure remediation progress, program maturity, and risk trends Supporting cloud and hybrid network architectures, including troubleshooting complex hybrid issues (TLS/SSL, reverse proxies, segmentation, and distributed scanning nodes) Aligning all vulnerability management operations to internal policies and federal laws, regulations, andrequirements, including NIST SP 800-53, SP 800-137, CIS Benchmarks, DISA STIGs, and FedRAMPrequirements
Opens the company's application page
Listed via
USAJobs
usajobs.gov
Similar roles
Design & Tech
Related reads from TCHNX

The Quiet Revolution in Local-First Software
As major platforms face outages and data breaches, a new generation of developers is building applications that prioritise local data storage and peer-to-peer sync, challenging the cloud-first orthodoxy that's dominated tech for two decades.

The Quiet Revolution in Edge AI: Why Your Next Computer Might Not Need the Cloud
As neural processing units become standard in consumer devices, we're witnessing a fundamental shift in how AI applications work. Local processing is no longer a fallback; it's becoming the preferred architecture.

The Rise of AI-Assisted Code Generation 2: Are Developers Becoming Prompt Engineers?
As AI coding assistants reshape software development, the industry grapples with a fundamental question: is writing code giving way to writing prompts? We examine how London's tech scene is adapting to this seismic shift.

