Vulnerability Assessment Analyst - Suburban MD & Hybrid

Clearance Level
Information Security
Lanham, Maryland
Hybrid Workplace
Key Skills For Success

Security Monitoring Operations

Threat Assessment

Vulnerability Assessment

REQ#: RQ146919
Public Trust: MBI (T2)
Requisition Type: Regular
Your Impact

Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well-being of U.S. citizens.

Job Description

We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country.

HOW A VULNERABILITY ASSESSMENT ANALYST WILL MAKE AN IMPACT: The Vulnerability Assessment Analyst is responsible for providing timely publication and dissemination of actionable security notifications through Security Alerts, Advisories, Bulletins, and other mediums to promote awareness of identified vulnerabilities or enterprise deficiencies. The candidate shall further contribute to the actionable security notifications through correlation, contextualization, and prioritization based on applicability to the enterprise.

In this role, a typical day will include

  • Monitor and assess threats and vulnerabilities with identified weighted measures to evaluate the risk exposure to the enterprise.
  • Monitor the cyber enterprise health and metrics dashboard reporting to identify potential vulnerabilities or deficiencies.
  • Expedite remediation and/or mitigation of critical and high vulnerabilities by coordinating with relevant stakeholders and ensuring timely resolution.
  • Identify, review, and assess vulnerability remediation actions and data call security flaw reporting to provide accurate and comprehensive analysis of vulnerabilities.
  • Conduct vulnerability analysis and assessment for 'Zero Day' and 'Critical' security stack-related vulnerabilities that threaten the IRS enterprise, and provide deep-dive analysis and brief leadership as needed.
  • Possess knowledge of endpoint and server engineering/system administration to understand the technical aspects of vulnerabilities and their impact on enterprise systems.
  • Conduct daily exhaustive research to identify all vulnerabilities that could threaten the IRS Enterprise using multiple credible sources, and provide timely publication and dissemination of actionable security notifications in the form of Alerts, Advisories, and Bulletins.
  • Maintain/update a centralized repository of applicable threats and vulnerabilities that potentially impact enterprise systems and applications for reference and analysis purposes.
  • Manage Data Calls until resolution, including initial analysis of vulnerability impact, coordinate communications with affected Business Units (BUs), report remediation progress, and ensure directed remediation guidelines are fully completed within the required timeline.
  • Formulate metrics and mitigation strategies by analyzing risk exposure and Vulnerability Analysis to proactively identify and address potential vulnerabilities.
  • Understand Patch and Remediation methodologies for multiple operating systems to effectively assess and mitigate vulnerabilities in the enterprise environment.


  • Bachelor's degree in Computer Science, Information Security, or a related field and three plus years of experience.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or GIAC Certified Vulnerability Analyst (GCVA) are preferred.
  • Strong knowledge of vulnerability assessment and analysis methodologies, tools, and techniques.
  • Experience in monitoring and assessing threats and vulnerabilities in a large enterprise environment.
  • Excellent analytical skills to correlate and contextualize security notifications based on enterprise applicability.
  • Ability to conduct in-depth research to identify vulnerabilities from multiple credible sources.
  • Strong communication skills to effectively publish and disseminate actionable security notifications.
  • Understanding of patch and remediation methodologies for multiple operating systems.
  • Ability to work independently and collaboratively in a fast-paced environment.
  • Knowledge of endpoint and server engineering/system administration to understand technical aspects of vulnerabilities.
  • Experience in managing data calls and coordinating with business units for vulnerability remediation.
  • Strong organizational skills to maintain/update a centralized repository of vulnerabilities and track remediation progress.

Location: Hybrid, one day a week on site

US Citizenship Required

● Full-flex work week to own your priorities at work and at home
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays

Work Requirements
Years of Experience

3+ years of related experience

* may vary based on technical training, certification(s), or degree

Travel Required



U.S. Citizenship Required

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.