Enterprise Vulnerability Management Lead (Engineer Info Assurance 4)

Huntington Ingalls Industries, Inc.•Fairfax, VA

About The Position

HII - Mission Technologies is currently seeking a SME Enterprise Vulernatiblity Management Lead to work out of Fairfax, VA in support of the DoD/DoW Advana War Data Platform designed to aggregate operational, intelligence, logistics, and sensor data from multiple domains, enable Joint All-Domain Command and Control (JADC2) by providing a common data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. This position is contingent on contract award

Requirements

9 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience.
IAM I (CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC) certified
Must have an active Secret security clearance
US Citizenship

Nice To Haves

Familiarity with Advana architecture, Palantir Foundry, or similar data integration platforms
Experience with data governance frameworks and metadata management
Agile/SAFe delivery experience in secure environments

Responsibilities

Leads coordinated vulnerability management operations supporting Department of Defense mission systems across unclassified and classified networks.
Directs enterprise vulnerability lifecycle activities including scan result validation, risk triage, remediation coordination, and continuous tracking of findings affecting operating systems, applications, databases, and network devices.
Analyzes vulnerability data generated by ACAS, endpoint security platforms, and cloud security tooling to distinguish true risk conditions from false positives and environmental artifacts.
Develops prioritized remediation strategies aligned to mission impact, threat severity, and authorization timelines while coordinating corrective actions with system owners, platform engineers, and cybersecurity teams.
Maintains authoritative vulnerability records and remediation status within POA&M repositories, continuous monitoring dashboards, and authorization artifacts supporting Risk Management Framework execution.
Supports deviation requests and risk acceptance actions through defensible technical analysis and documented mitigation strategies.
Produces vulnerability trend reports, remediation performance metrics, and executive summaries for cybersecurity leadership and Authorizing Officials using ServiceNow, SharePoint, and reporting platforms.
Guides junior analysts through standardized workflows for scan validation, POA&M updates, and stakeholder coordination while maintaining consistency and data integrity.
Enables sustained authorization posture, reduced exposure windows, and improved cyber hygiene across enterprise environments while reinforcing program values of accountability, operational readiness, transparency, and disciplined risk management.