Security Engineer - Vulnerability Management

inSync Staffing

Washington, DC

JOB DETAILS
SKILLS
CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, CompTIA Security+, Computer Security, Cross-Functional, Dental Insurance, Endpoint Security, FISMA - Federal Information Security Management Act, Federal Compliance Regulations, Federal Government, Firewalls, GCIH - GIAC Certified Incident Handler, IT Service Management (ITSM), Identify Issues, Information Technology & Information Systems, Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Leadership, Loss Prevention, Maintain Compliance, Metrics, Nessus, Operating Systems, People Management, Product Lifecycle, Reporting Dashboards, Reporting Skills, Risk, Risk Analysis, Risk Management, Risk Management Framework (RMF), Security Analysis, ServiceNow, Systems Administration/Management, Team Player, Time Management, U.S. National Institute of Standards and Technology (NIST), United States Citizen, United States Department of Transportation (DOT), Vulnerability Scanners
LOCATION
Washington, DC
POSTED
6 days ago

Position Type: Onsite
Location:1200 New Jersey Avenue, Washington, DC 20590, USA (DOT Headquarters)
Work Authorization: U.S. Citizen or Green Card Holder with a minimum of 3 years U.S. residency
Security Clearance: Public Trust (required prior to start)
Duration: 07/06/2026 08/24/2026
Potential for Conversion: Yes
Schedule: 8 hours/day, 40 hours/week
Telework: No 100% onsite
Program: DOT
Prime Contractor: SAIC

Role Summary

The Security Engineer Vulnerability Management will support the Department of Transportation's cybersecurity mission by identifying, assessing, tracking, and coordinating remediation of vulnerabilities across enterprise systems and infrastructure. This role works closely with federal leadership, system administrators, and cybersecurity teams to improve DOT's overall security posture and ensure compliance with federal cybersecurity standards and frameworks.

Key Responsibilities

  • Perform endpoint vulnerability management activities across DOT enterprise environments.
  • Utilize vulnerability scanning platforms, specifically Tenable Nessus, to identify and assess security risks.
  • Coordinate remediation activities with system owners, application teams, and infrastructure administrators to meet required remediation timelines.
  • Develop and maintain vulnerability tracking, reporting, and metrics dashboards.
  • Present vulnerability trends, remediation status, and cyber risk findings to federal leadership and stakeholders.
  • Troubleshoot issues related to endpoint vulnerability scanning and reporting.
  • Manage cybersecurity-related ITSM tickets within ServiceNow through resolution.
  • Participate in Cybersecurity and Security Operations (SecOps) meetings and initiatives.
  • Collaborate with cross-functional teams to improve DOT cybersecurity solutions and processes.
  • Provide guidance and education regarding vulnerability management concepts to technical and non-technical stakeholders.

Required Technical Skills

  • Minimum of 6 years of experience in Cybersecurity or related Information Technology fields.
  • Experience with endpoint vulnerability scanning solutions, specifically Tenable Nessus.
  • Strong experience in:
    • Vulnerability management lifecycle
    • Risk assessment and mitigation
    • Remediation planning and execution
  • Experience with federal cybersecurity requirements and standards including:
    • FISMA
    • NIST 800 Series
    • NIST Risk Management Framework (RMF)
    • NIST Cybersecurity Framework (CSF)
  • Experience using ITSM platforms such as ServiceNow.
  • Knowledge of:
    • Operating systems
    • Databases
    • Networking
    • Firewalls
    • Cloud-based systems
    • Data Loss Prevention (DLP)
    • Endpoint Security solutions
    • IDS/IPS technologies
    • Host-based security technologies
  • Ability to develop vulnerability reports, dashboards, and risk metrics.
  • Strong collaboration and communication skills across technical and business teams.

Preferred / Nice-to-Have Skills

  • Security certifications such as:
    • Security+
    • CISSP
    • CISM
    • CISA
    • GCIH
    • OSCP
    • CEH
  • Experience supporting federal agencies and government cybersecurity programs.
  • Experience presenting cybersecurity findings to executive leadership.
  • Familiarity with cloud security practices and hybrid infrastructure environments.

Qualifications & Experience

  • Bachelor's degree with 5+ years of cybersecurity experience; or
  • Master's degree with 4+ years of cybersecurity experience; or
  • Equivalent combination of education and experience totaling at least 6 years in cybersecurity or related IT disciplines.
  • Candidate must be eligible to obtain and maintain a Public Trust clearance prior to starting.
  • Candidate must be a U.S. Citizen or Green Card Holder who has resided in the United States for at least three years.

About the Team / Company

This position supports the Department of Transportation's cybersecurity mission focused on protecting information systems that support critical national infrastructure including highways, bridges, roads, and transportation systems.



Benefits (employee contribution):
  • Health insurance
  • Health savings account
  • Dental insurance
  • Vision insurance
  • Flexible spending accounts
  • Life insurance
  • Retirement plan

All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Rate of pay within the stated range will depend on the qualification of the applicant.

About the Company

i

inSync Staffing

We recognize the VMS program management team is our customer and needs to be serviced with integrity, so we built and continue to improve upon our delivery methods as we strive to provide the highest quality service possible. inSync Staffing’s management team recognized ten years ago the inevitable changes to the staffing industry being brought about by technology and the growing trend of Fortune 1000 corporations to outsource management of their contingent workforces to meet compliance and cost control goals. Rather than swim upstream against the changes, inSync Staffing has embraced MSP and VMS programs as our customers, not competitors. We asked program managers how they want to be serviced. The result of their input is that we have structured inSync Staffing as a recruiting and customer service organization, unlike traditional staffing companies who sell directly to the end client. Our delivery model allows us concentrates our resources on how to best supply candidates in a very competitive MSP/VMS program environment.
COMPANY SIZE
50 to 99 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
2014
WEBSITE
http://www.insyncstaffing.com/default.html