Job Title: Senior Vulnerability Management Engineer
Location: Hybrid – Occasional on-site at Washington, D.C. Metro Area or Seaside, CA
Clearance: Active Top Secret / Tier 5
Employment Type: Full-Time

OVERVIEW:

Cornerstone Technology is seeking a highly experienced Senior Vulnerability Management Engineer to join our mission-focused team supporting the Defense Manpower Data Center (DMDC) under the IT GEMS contract. This position plays a critical role in safeguarding sensitive DoD systems from evolving cyber threats. You will lead vulnerability identification, prioritization, and remediation efforts across enterprise systems, ensuring compliance with Department of Defense cybersecurity standards.
This role offers the opportunity to work on high-visibility defense initiatives, collaborate with senior cybersecurity professionals, and contribute directly to national security. Hybrid flexibility allows for occasional on-site work at either Washington, D.C. or Seaside, CA.

MUST-HAVE REQUIREMENTS:

• Active Top Secret / Tier 5 clearance – no exceptions
• 8+ years of vulnerability management or closely related cybersecurity experience
• Proven, hands-on experience with ACAS/Nessus, SCAP, and DISA STIG implementation
• Strong, in-depth knowledge of Microsoft Windows operating systems (workstation and server)
• Foundational understanding of Linux/UNIX administration and security practices

REQUIRED QUALIFICATIONS:

• 8+ years of vulnerability management or related cybersecurity experience
• Strong, in-depth knowledge of Microsoft Windows operating systems (workstation and server)
• Foundational understanding of Linux/UNIX administration and security practices
• Familiarity with networking concepts, database platforms, and enterprise IT environments
• Experience with DoD cybersecurity standards and vulnerability management tools
• Excellent analytical, troubleshooting, and communication skills

• Perform vulnerability assessments, analysis, and remediation for Windows OS (workstation and server) environments
• Apply foundational knowledge of Linux/UNIX operating systems to identify and mitigate security gaps
• Collaborate with remediation teams to track and close vulnerabilities in accordance with DoD timelines and compliance requirements
• Support vulnerability management processes within a Defense Cyber Operations (DCO) environment
• Provide reporting and status updates on vulnerability posture to leadership and stakeholders
• Leverage knowledge of networking, databases, and enterprise IT systems to support remediation efforts
• Contribute to continuous improvement of vulnerability management processes, including DevSecOps integration where applicable