
Vulnerability Management Team Lead

Cherokee Federal
United States, Oklahoma, Tulsa
2 West 2nd Street
Jun 08, 2026

Cybersecurity Vulnerability Management Team Lead

National Science Foundation (NSF) Cybersecurity Program

Location: Remote
Clearance: Public Trust Eligible
Employment Type: Full-Time

Position Overview

Cherokee Federal Systems is seeking a highly experienced Cybersecurity Vulnerability Management Team Lead to support the National Science Foundation (NSF) Cybersecurity Program.

This is a highly visible role supporting a strategic modernization effort within the NSF Cybersecurity Program.

We are not seeking a traditional vulnerability manager who simply operates scanners, generates reports, and tracks POA&Ms.

We are seeking a technical leader who can help transform Vulnerability Management into a modern, threat-informed Exposure Management capability.

This individual will serve as the technical authority for Vulnerability Management, lead a small team of analysts, partner closely with Security Operations, Cloud Engineering, Infrastructure, Compliance, and Development teams, and introduce new detection, validation, and prioritization capabilities that measurably reduce organizational cyber risk.

The ideal candidate possesses a passion for innovation, continuously evaluates emerging technologies, and is capable of challenging traditional approaches to vulnerability management.

Why This Role Matters

Vulnerability Management has been identified as a key opportunity for improvement and modernization within the NSF Cybersecurity Program.

We are intentionally looking for a leader who can help evolve the program from a traditional scan-and-report model into a proactive capability focused on:

  • Exposure Reduction
  • Threat-Informed Prioritization
  • Detection Engineering
  • Continuous Validation
  • Cloud-Native Security
  • Automation
  • Actionable Executive Metrics

Candidates whose experience is primarily limited to running Nessus scans, distributing reports, or supporting annual compliance activities are unlikely to be successful in this role.

Key Responsibilities

Lead Enterprise Vulnerability Management Operations

  • Lead and mature NSF's Vulnerability Management capability across enterprise, cloud, containerized, application, and hybrid environments.
  • Provide technical leadership to a team of vulnerability analysts and establish a culture of accountability, ownership, collaboration, and continuous improvement.
  • Develop and maintain a Vulnerability Management roadmap aligned with evolving threats and organizational priorities.

Modernize Detection & Prioritization Capabilities

  • Introduce and operationalize modern vulnerability prioritization techniques utilizing:
    • CISA Known Exploited Vulnerabilities (KEV)
    • EPSS
    • Threat intelligence feeds
    • Asset criticality scoring
    • Internet-facing asset identification
    • Attack path analysis
    • MITRE ATT&CK mapping
  • Evaluate and recommend emerging technologies that improve vulnerability validation, attack surface visibility, and exposure management.

Vulnerability Lifecycle Management

  • Own end-to-end vulnerability management processes including:
    • Discovery
    • Validation
    • Prioritization
    • Remediation coordination
    • Exception handling
    • Verification
    • Executive reporting
  • Operate and optimize enterprise scanning platforms including Tenable.sc, Tenable.io, and Nessus.
  • Improve scan coverage, credential management, accuracy, and false-positive reduction.

Cloud and Application Security

  • Integrate findings from cloud-native security capabilities such as:
    • AWS Inspector
    • Security Hub
    • GuardDuty
    • Wiz
    • Prisma Cloud
    • Microsoft Defender for Cloud
  • Partner with Application Security and DevSecOps teams to support:
    • AppScan
    • DAST
    • SAST
    • CI/CD integrations
    • Container image scanning

ServiceNow and Automation

  • Mature ServiceNow Vulnerability Response capabilities including:
    • CMDB enrichment
    • Automated ticket creation
    • SLA tracking
    • Ownership assignment
    • Escalation workflows
  • Develop automation opportunities through APIs, Python, PowerShell, and orchestration capabilities.

Reporting & Leadership

  • Build executive dashboards and metrics including:
    • MTTR
    • SLA adherence
    • Vulnerability aging
    • Exposure trends
    • Scan coverage
    • Remediation effectiveness
  • Brief cybersecurity leadership on emerging risks, remediation progress, and program maturity initiatives.

Required Qualifications

  • 8+ years of cybersecurity experience.
  • 4+ years of direct Vulnerability Management experience in a federal or large enterprise environment.
  • 3+ years leading vulnerability analysts, remediation programs, or enterprise VM initiatives.
  • Deep hands-on expertise with:
    • Tenable.sc
    • Tenable.io
    • Nessus
  • Experience implementing or significantly improving a Vulnerability Management or Exposure Management capability.
  • Experience with ServiceNow Vulnerability Response and CMDB integrations.
  • Experience leveraging modern vulnerability prioritization methodologies including:
    • CISA KEV
    • EPSS
    • Threat intelligence
    • Asset criticality
    • Attack path analysis
  • Experience supporting AWS, Azure, or hybrid cloud environments.
  • Experience collaborating with Security Operations and Incident Response teams to identify and rapidly remediate actively exploited vulnerabilities.
  • Experience briefing technical teams, executives, and federal stakeholders.

Highly Desired Experience

Candidates with experience in one or more of the following areas will receive strong consideration:

  • SafeBreach
  • AttackIQ
  • Pentera
  • XM Cyber
  • Wiz
  • Prisma Cloud
  • AppScan
  • Breach and Attack Simulation (BAS)
  • Continuous Control Validation (CCV)
  • External Attack Surface Management (EASM)
  • Kubernetes Security
  • Detection Engineering

Preferred Certifications

  • CISSP
  • GCIH
  • CySA+
  • Security+
  • Tenable Certified Professional
  • AWS Security Specialty
  • ServiceNow Vulnerability Response Certification

Criterion Systems is part of Cherokee Federal, the federal contracting division of tribally owned companies owned by Cherokee Nation Businesses. As a trusted partner to more than 60 federal clients, Cherokee Federal companies are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart. For more information, visit cherokee-federal.com.

#CherokeeFederal #LI-SM2 #AppC2

Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.
