Endpoint Vulnerability Management SME / Team Lead

About the position MBL Technologies is seeking a highly skilled Endpoint Vulnerability Management Subject-Matter Expert (SME) / Technical Team Lead to support a federal cybersecurity program dedicated to protecting and securing enterprise endpoints. This role provides technical leadership and subject-matter expertise in endpoint vulnerability management across complex IT environments. The successful candidate will lead efforts to identify, assess, and mitigate endpoint vulnerabilities across operating systems, cloud infrastructure, and business applications, while ensuring compliance with federal cybersecurity frameworks and directives. This role is mostly remote; however, it will require occasional onsite meetings in the Bethesda, MD area. With no travel reimbursements allocated. This role is contingent based on contract award.

Responsibilities

• Lead the design, implementation, and optimization of the federal client’s endpoint vulnerability management program.
• Operate and administer endpoint vulnerability assessment tools for agent- and network-based scanning across diverse environments.
• Analyze and interpret vulnerability assessment results to provide actionable insights, prioritization, and remediation recommendations.
• Develop and maintain technical documentation, Standard Operating Procedures (SOPs), and program metrics to support continuous improvement and compliance.
• Coordinate with system owners, administrators, and cybersecurity stakeholders to ensure timely mitigation of vulnerabilities in accordance with SLAs and POA&Ms.
• Integrate vulnerability management data and use cases with the Security Information and Event Management (SIEM) platform to enhance visibility, correlation, and automated response.
• Lead the development of dashboards, alerts, and reports to track vulnerability trends, remediation status, and compliance performance.
• Collaborate with SOC and risk management teams to ensure vulnerability management aligns with broader incident response, continuous monitoring, and threat intelligence initiatives.
• Develop manual and automated reporting, dashboards, and alerting mechanisms for vulnerability analysis, root cause identification, and systemic issue tracking.
• Provide subject-matter expertise for compliance with federal cybersecurity directives, such as FISMA, OMB, CISA BODs, and agency-specific requirements.
• Perform risk analysis to evaluate and prioritize vulnerabilities based on likelihood, exploitability, and impact to mission-critical systems.
• Provide advanced technical knowledge and hands-on experience in securing and assessing vulnerabilities across Cloud Infrastructure (IaaS), Windows and MacOS operating systems, Linux and Unix, database platforms, and mobile environments.

Requirements

• Bachelor’s degree in computer science, Information Security, or related discipline (or equivalent experience).
• Demonstrated experience leading or managing vulnerability management operations within large enterprise or federal environments.
• Proficiency with endpoint vulnerability assessment tools (e.g., Tenable, Qualys, Rapid7, CrowdStrike Falcon Spotlight, or similar).
• Experience with SIEM integration (e.g., Splunk, ArcSight, QRadar) and vulnerability management use cases.
• Proven expertise in vulnerability data analysis, risk scoring, and remediation coordination.
• Strong understanding of cybersecurity frameworks and standards (NIST 800-53, NIST RMF, FISMA, CISA BODs).
• Excellent written and verbal communication skills for technical documentation, reporting, and stakeholder engagement.

Nice-to-haves

• Advanced degree in Cybersecurity, Computer Engineering, or related field.
• Professional certifications such as CISSP, CISM, CEH, GCIH, or CompTIA Advanced Security Practitioner (CASP+).
• Hands-on experience with endpoint detection and response (EDR) tools and configuration management databases (CMDBs).
• Familiarity with automation and orchestration tools for vulnerability and patch management.
• Experience supporting federal cybersecurity programs, CSOCs, or enterprise risk management initiatives.
• Experience securing OT and specialized scientific or clinical systems in regulated environments.

Benefits

• MBL Technologies offers a competitive salary adjusted for candidate qualifications partnered with an industry-leading benefits package.
• This package includes incentive plans with corporate and individual-based performance bonuses, 401K, PTO, remote work, health and wellness programs, employee discounts, and learning and development reimbursement.

Apply tot his job Apply To this Job