SOC Vulnerability Management Manager - Senior

ECS is seeking a SOC Vulnerability Management Manager - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This senior role supports Task 3 — Cybersecurity Operations Support by leading enterprise vulnerability management operations across ARNG classified and unclassified network environments. The position directs vulnerability scanning execution, remediation prioritization, exception handling, compliance reporting, and POA&M management while coordinating closely with system owners, ISSOs, engineering teams, and SOC personnel to reduce enterprise cyber risk. As part of the broader ENOCS cybersecurity team, this role contributes directly to Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM), continuous monitoring, and audit-ready cybersecurity operations across the DoDIN-Army-NG area of responsibility.

This position supports a mission environment serving more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, helping sustain ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The SOC Vulnerability Management Manager - Senior operates within an enterprise cybersecurity ecosystem that includes 24x7x365 SOC operations, RMF processes, eMASS updates and integration, USIEM analytics, IDS/IPS and EDR-enabled monitoring, and coordination with the NETCOM Global Cyber Center and DISA DCDC. The role helps ensure vulnerabilities are identified, tracked, mitigated, and reported in alignment with STIGs, IAVMs, DoD and ARNG cybersecurity directives, and the operational needs of the ARNG enterprise.

Please Note: This position is contingent upon contract award.

• Lead enterprise vulnerability management activities across supported ARNG environments, including scanning execution, finding validation, remediation prioritization, exception handling, and closure tracking.
• Establish and enforce governance processes for vulnerability identification, validation, reporting, and remediation in alignment with STIGs, IAVMs, RMF requirements, and ARNG and DoD cybersecurity directives.
• Oversee POA&M management to ensure high-risk findings are accurately documented, tracked to resolution, and reflected in continuous monitoring and compliance reporting.
• Coordinate with system owners, ISSOs, engineering teams, and SOC personnel to drive timely mitigation of vulnerabilities and reduce operational cyber risk across classified and unclassified enclaves.
• Monitor vulnerability management performance metrics, analyze trends, and provide leadership reporting that supports audit readiness, compliance management, and sustained risk reduction across the enterprise.
• Support Task 3 deliverables by integrating vulnerability management activities with broader cybersecurity operations, including continuous monitoring, secure baseline configuration, and compliance validation.
• Coordinate vulnerability management actions with ARNG cybersecurity stakeholders and external operational partners, including the NETCOM Global Cyber Center and DISA DCDC, to support DCO-IDM objectives across the DoDIN-A(NG) area of responsibility.
• Contribute to eMASS update and integration activities and ensure vulnerability artifacts, compliance status, and remediation actions are aligned with RMF support processes.
• Help inform enterprise defense by aligning vulnerability findings with SOC monitoring and analysis functions, including data flowing through USIEM, IDS/IPS, and related security operations processes.

U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 541-Vulnerability Assessment Analyst — Intermediate proficiency; must hold ONE OR MORE of the following: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, Security+,

Experience: 7+ years of experience in cybersecurity

Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering

• Demonstrated ability to lead vulnerability management operations, including remediation prioritization, exception handling, compliance reporting, and closure tracking.
• Experience managing vulnerability findings in alignment with STIGs, IAVMs, RMF requirements, and DoD or ARNG cybersecurity directives.
• Experience coordinating remediation and risk reduction activities with system owners, ISSOs, engineering teams, and security operations personnel.
• Experience developing or maintaining POA&Ms and supporting continuous monitoring and audit readiness activities.
• Ability to analyze vulnerability metrics and trends and present actionable status and risk information to leadership.
• Experience supporting cybersecurity operations in classified and unclassified network environments.
• Experience contributing to compliance management and artifact maintenance, including eMASS update or integration activities.