IT Security Vulnerability Manager

Evoke Consulting is a Federal Management Consulting firm specializing in strategic business and technology services areas across the federal market. We provide solutions to agencies and entities including Veterans Affairs, Department of Energy, Department of Agriculture, Department of Defense, and more. We defy the standard employee experience in government contracting with a commitment to providing a wide range of opportunities for our employees to grow professionally and socially by investing more than our competition in training our team and rewarding high performance. Evokers are hard-working, team-oriented, and come from diverse backgrounds and experience levels. We value our employees’ ideas and act on suggestions for change and development as a firm.

Responsibilities:

• Identify, assess and prioritize vulnerabilities across IT systems. Ensure timely remediation through coordination with internal teams and government security team/
• Work closely with technical teams to implement and validate remediation actions, ensuring compliance with industry standards and government policies
• Act as a primary liaison between our team and government team, facilitating communications and maintaining alignment on security objectives and requirements
• Prepare and present comprehensive weekly progress reports, detailing the status of vulnerabilities, ongoing remediation efforts, and risk assessment
• Maintain detailed records of vulnerability assessments, remediation plans and resolutions. 
• Ensure adherence to compliance requirements and support audit activities as needed
• Identify and recommend improvements to vulnerability management processes, tools, and technologies to strengthen our security posture

Professional Experience and Skills:

• Strong understanding of security frameworks and compliance standards (e.g., NIST, ISO, CIS)
• Experience working with government agencies is highly desirable
• Proficiency in using vulnerability scanning tools and security information and event management (SIEM) systems
• Excellent communication skills, with the ability to produce clear and concise reports

Education and Years 

of Experience:

• Bachelor’s degree in information technology, Cybersecurity or related fields
• Minimum of 5 years of experience in IT security, with a focus on vulnerability management and remediation
• Certified Information Systems Security Professional (CISSP), (desired)
• Certified Information Security Manager (CISM) (desired)
• Certified Ethical Hacker (CEH) (desired)

Security Clearance

• Applicants selected must be eligible to work in the United States, be subject to a government security investigation, and meet eligibility requirements for access to protected information.

Work Location

• Washington, DC (100% on-site)

Benefits Offered:

• This position is paid a base salary based on job family, experience and skill level.
• Health benefits include medical, prescription, dental, and vision plans.
• Company paid Life Insurance coverage, Short-term and Long-term Disability coverage.
• Health Savings Account or Flexible spending accounts.
• 401(k) with discretionary company match.
• Paid time off (PTO) program and eleven (11) paid holidays.
• Additional time off benefits include parental leave, bereavement leave, volunteer hours.
• And more