Note: The job is a remote job and is open to candidates in USA. PGTEK is seeking an experienced Senior Vulnerability Management Engineer to lead the engineering and administration of enterprise Tenable vulnerability management solutions supporting a large Department of Defense program. This hands-on role involves designing, deploying, optimizing, and maintaining the Tenable platform while collaborating with various teams to enhance the organization's security posture.
Responsibilities
- Administer and optimize the full Tenable platform, including:
- Tenable.sc
- Tenable Vulnerability Management (formerly Tenable.io)
- Nessus
- Nessus Agents
- Perform authenticated and unauthenticated vulnerability scans across Windows, Linux, network, and cloud environments
- Analyze vulnerability data, validate findings, eliminate false positives, and prioritize remediation efforts based on risk
- Coordinate remediation activities with infrastructure, networking, and application teams through closure
- Manage scan schedules, repositories, credentials, scan zones, and agent deployments
- Troubleshoot scanning issues, credential failures, performance bottlenecks, and platform health
- Develop executive dashboards, compliance reports, and security metrics
- Support RMF continuous monitoring, POA&M management, and audit activities
- Integrate Tenable with ServiceNow, SIEM, asset management, and automation platforms
- Develop automation using PowerShell, Python, Bash, and Tenable APIs
- Recommend system hardening improvements and security best practices
- Provide technical mentorship to junior engineers and vulnerability analysts
- Support security investigations and incident response activities requiring vulnerability analysis
Skills
- 7+ years of cybersecurity engineering, vulnerability management, or systems engineering experience
- Experience supporting Federal Government or DoD environments (5+ years preferred)
- Active Secret Clearance (TS/SCI preferred)
- Deep experience administering: Tenable.sc, Tenable Vulnerability Management, Nessus, Nessus Agents
- Strong understanding of vulnerability management lifecycle and remediation processes
- Experience with: CVSS scoring, Known Exploited Vulnerabilities (KEV), Patch management, STIG compliance scanning, False-positive validation
- Working knowledge of: Windows Server, Linux (RHEL, CentOS, Ubuntu), VMware vSphere, AWS and/or Azure, Enterprise networking (TCP/IP, DNS, VLANs, routing, switching)
- Experience supporting one or more of the following: NIST SP 800-53, Risk Management Framework (RMF), DISA STIGs and SRGs, CMMC, CIS Benchmarks, DoD 8570 / 8140 requirements
- PowerShell, Python, or Bash scripting
- Tenable API development and automation
- ServiceNow or Jira integration
- SIEM and SOAR platforms
- Executive reporting and security metrics
- Experience improving vulnerability remediation processes and reducing MTTR
Company Overview