Everforth ECS is seeking a Junior Vulnerability Management Analyst to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax.
Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
The Junior Vulnerability Management Analyst supports enterprise vulnerability management operations across WDP's classified and unclassified environments, contributing directly to the continuous monitoring, POA&M tracking, and remediation coordination activities that sustain WDP's authorization posture across NIPRNet, SIPRNet, and JWICS. This is an entry-level role offering structured, hands-on exposure to government vulnerability management operations at scale, where scan validation accuracy, remediation timeliness, and documentation discipline directly impact mission system authorization status and warfighter platform availability.
• Supports enterprise vulnerability management operations for Department of War mission systems across unclassified and classified environments.
• Performs day-to-day validation of vulnerability scan results generated by ACAS, endpoint security platforms, and cloud security tools to confirm accuracy, scope, and system relevance.
• Tracks vulnerability findings and remediation actions within POA&M repositories, ServiceNow workflows, and continuous monitoring dashboards to maintain current authorization status.
• Coordinates directly with system owners, administrators, and cybersecurity teams to collect remediation evidence, confirm patch application, and document mitigation actions.
• Assists with identification and documentation of false positives and compensating controls under guidance of senior analysts.
• Maintains detailed records supporting Risk Management Framework activities, including vulnerability aging, remediation progress, and outstanding risk conditions.
• Prepares routine vulnerability status reports, remediation summaries, and data inputs for leadership briefings using SharePoint and reporting tools.
• Supports deviation and risk acceptance requests through evidence gathering and baseline documentation.
• Participates in vulnerability management reviews, remediation planning sessions, and operational coordination meetings with government and contractor stakeholders.
• Contributes to improved cyber hygiene, reduced exposure timelines, and sustained authorization posture while reinforcing program values of accountability, consistency, transparency, and mission-focused risk reduction.
• Performs other duties as assigned.
• Ability to obtain and maintain a Top Secret (TS) security clearance.
• Experience in vulnerability management, cybersecurity operations, IT security, or a closely related discipline, including relevant academic, internship, or lab-based experience demonstrating foundational familiarity with vulnerability assessment and remediation tracking concepts.
• IAM Level I certification from an approved credential, including CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
Skills Required
- Ability to obtain and maintain a Top Secret (TS) security clearance.
- Experience in vulnerability management, cybersecurity operations, IT security, or closely related discipline (including academic, internship, or lab-based experience).
- IAM Level I certification from an approved credential (CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC).
ECS Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about ECS and has not been reviewed or approved by ECS.
-
Healthcare Strength — ECS advertises multiple national-network medical plan options with HSA eligibility alongside dental and vision coverage. Coverage generally begins quickly and is paired with company-paid short- and long-term disability, adding stability to the health package.
-
Retirement Support — A 401(k) with Safe Harbor and immediate vesting on employer contributions is emphasized, with an employer match available. Access to an employee stock purchase plan via the parent company provides an additional savings avenue.
-
Parental & Family Support — Paid parental leave up to 30 days, adoption assistance, and other family-oriented leaves are highlighted. Feedback suggests these offerings add meaningful value beyond base pay for many roles.
ECS Insights
What We Do
ECS, a segment of ASGN (NYSE: ASGN), delivers advanced solutions and services in cloud, cybersecurity, artificial intelligence (AI), machine learning (ML), application and IT modernization, and science and engineering. The company solves critical, complex challenges for customers across the U.S. public sector, defense, intelligence and commercial industries. ECS maintains partnerships with leading cloud, cybersecurity, and AI/ML providers and holds specialized certifications in their technologies. Headquartered in Fairfax, Virginia, ECS has more than 3,400 employees throughout the U.S. and has been recognized as a Top Workplace by The Washington Post for the last five years.
