SOC Vulnerability Management Manager - Senior

Position Summary

ECS is seeking a SOC Vulnerability Management Manager - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This senior role supports Task 3 — Cybersecurity Operations Support by leading enterprise vulnerability management operations across ARNG classified and unclassified network environments. The position directs vulnerability scanning execution, remediation prioritization, exception handling, compliance reporting, and POA&M management while coordinating closely with system owners, ISSOs, engineering teams, and SOC personnel to reduce enterprise cyber risk. As part of the broader ENOCS cybersecurity team, this role contributes directly to Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM), continuous monitoring, and audit-ready cybersecurity operations across the DoDIN-Army-NG area of responsibility.

This position supports a mission environment serving more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, helping sustain ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The SOC Vulnerability Management Manager - Senior operates within an enterprise cybersecurity ecosystem that includes 24x7x365 SOC operations, RMF processes, eMASS updates and integration, USIEM analytics, IDS/IPS and EDR-enabled monitoring, and coordination with the NETCOM Global Cyber Center and DISA DCDC. The role helps ensure vulnerabilities are identified, tracked, mitigated, and reported in alignment with STIGs, IAVMs, DoD and ARNG cybersecurity directives, and the operational needs of the ARNG enterprise.

Please Note: This position is contingent upon contract award.

Responsibilities

• Lead enterprise vulnerability management activities across supported ARNG environments, including scanning execution, finding validation, remediation prioritization, exception handling, and closure tracking.
• Establish and enforce governance processes for vulnerability identification, validation, reporting, and remediation in alignment with STIGs, IAVMs, RMF requirements, and ARNG and DoD cybersecurity directives.
• Oversee POA&M management to ensure high-risk findings are accurately documented, tracked to resolution, and reflected in continuous monitoring and compliance reporting.
• Coordinate with system owners, ISSOs, engineering teams, and SOC personnel to drive timely mitigation of vulnerabilities and reduce operational cyber risk across classified and unclassified enclaves.
• Monitor vulnerability management performance metrics, analyze trends, and provide leadership reporting that supports audit readiness, compliance management, and sustained risk reduction across the enterprise.
• Support Task 3 deliverables by integrating vulnerability management activities with broader cybersecurity operations, including continuous monitoring, secure baseline configuration, and compliance validation.
• Coordinate vulnerability management actions with ARNG cybersecurity stakeholders and external operational partners, including the NETCOM Global Cyber Center and DISA DCDC, to support DCO-IDM objectives across the DoDIN-A(NG) area of responsibility.
• Contribute to eMASS update and integration activities and ensure vulnerability artifacts, compliance status, and remediation actions are aligned with RMF support processes.
• Help inform enterprise defense by aligning vulnerability findings with SOC monitoring and analysis functions, including data flowing through USIEM, IDS/IPS, and related security operations processes.