Senior Information Security Engineer / Vulnerability Manager jobs in United States

C2 Labs, Inc. · 3 months ago

Senior Information Security Engineer / Vulnerability Manager

C2 Labs, Inc. partners with clients on their IT transformation journey, focusing on cybersecurity compliance and innovation. The Senior Information Security Engineer / Vulnerability Manager will lead efforts to identify, assess, and mitigate security vulnerabilities in complex enterprise IT environments, while collaborating with cross-functional teams to enhance security posture.

Compliance, Computer, Data Governance, Information Services, Information Technology, Software
No H1B, U.S. Citizen Only

Responsibilities

Manage enterprise vulnerability management platforms (e.g., Tenable, Qualys, Rapid7) and ensure timely scanning, reporting, and remediation tracking
Perform risk-based analysis of vulnerabilities, develop mitigation plans, and escalate issues requiring urgent remediation
Integrate threat intelligence to prioritize vulnerabilities based on exploitability, industry trends, and business impact
Establish and maintain vulnerability KPIs, metrics, and executive reporting dashboards
Design, implement, and maintain security controls and safeguards across networks, endpoints, and cloud environments (AWS, Azure, or hybrid)
Automate security operations tasks using scripts or tools (Python, PowerShell, Bash, or AWS Lambda)
Collaborate with IT and DevOps teams to integrate vulnerability management into CI/CD pipelines and cloud workloads
Conduct regular security assessments, penetration test remediation support, and continuous monitoring activities
Support compliance with federal frameworks (FedRAMP, NIST SP 800-53, NIST SP 800-171/CMMC, FISMA, etc.)
Document processes, remediation plans, and compliance evidence in alignment with client requirements
Provide recommendations for continuous improvement of security posture and policy enforcement
Partner with cross-functional teams (IT, Development, Operations, and Compliance) to ensure vulnerabilities are remediated in a timely, risk-based manner
Provide technical leadership and mentorship to junior security engineers and analysts
Participate in client-facing meetings and presentations as a subject matter expert in vulnerability and threat management

Qualification

Vulnerability management, Security engineering, Cloud environments, Compliance frameworks, Scripting, Technical leadership, Analytical skills, DevSecOps practices, Continuous monitoring, Problem-solving skills, Communication skills

Required

U.S. Citizenship and ability to obtain/maintain Public Trust clearance
Bachelor's degree in Computer Science, Cybersecurity, or related field OR 5+ years of equivalent hands-on experience
Proven experience in vulnerability management, security engineering, or penetration testing
Strong knowledge of IT infrastructure, networking, and cloud environments (AWS preferred)
Familiarity with security automation, scripting (Python, PowerShell, Bash), and infrastructure-as-code principles
Excellent analytical, problem-solving, and communication skills
Background check and unannounced drug testing required
This position is onsite in Washington, DC, with occasional travel (up to 25%) for client meetings and work assignments

Preferred

Professional certifications such as CISSP, CISM, OSCP, CEH, Security+, or AWS Security Specialty
Experience with compliance frameworks (FedRAMP, NIST 800-53, CMMC)
Background in DevSecOps practices, continuous monitoring, and automation

Company

C2 Labs, Inc.

C2 Labs partners with our clients on their IT transformation journey via our industry leading capabilities in full stack development, hyper automation/DevOps/cloud, cyber security compliance, ISSO as a Service, and FedRAMP Enablement.

Funding

Current Stage
Early Stage

Leadership Team

Craig Thomas
Chief Technology Officer
Company data provided by crunchbase