Information Security Manager 3 (70126090)
LMG Technology Services LLC · Austin, Texas, US
Remote – United States I. DESCRIPTION OF SERVICES Vulnerability Inventory and Baseline Establishment 1. Review the Agency’s existing vulnerability data, incl...
Job description
Remote – United States I. DESCRIPTION OF SERVICES: Vulnerability Inventory and Baseline Establishment: 1. Review the Agency’s existing vulnerability data, including vulnerabilities identified through scanning, assessments, or other security tools. 2. Establish and maintain a consolidated vulnerability baseline. 3. Develop and document a remediation timeline for all identified vulnerabilities, reflecting current risk posture and aging. Risk Classification and Prioritization: 1. Ensure that vulnerabilities are categorized and prioritized based on risk, severity, exploitability, and potential impact to Agency operations. 2. Align vulnerability classification and prioritization to applicable NIST guidance. 3. Validate that remediation timeframes align with Agency established expectations for different vulnerability risk levels. Remediation Coordination and Communication: 1. Coordinate remediation activities with system, server, and application owners. 2. Communicate clear remediation expectations, risk context, and required timelines to responsible parties. 3. Track remediation progress and identify blockers, dependencies, or delays impacting closure. 4. Escalate overdue, high risk, or...