TELECOMMUTE Data/Information Architect

Assist with the statewide vulnerability management program for DIS. Administer vulnerability management platforms, configure policies, reporting, and services to support agencies. Analyze vulnerabilities, prioritize remediation, and document residual risks for agency systems. Provide training and guidance to agencies on vulnerability management practices. Support procurement, configuration, and utilization of vulnerability management tools. Develop POA&Ms with DIS staff and agencies to track remediation efforts against SLOs. Perform system criticality validation reviews with agencies to align severity levels and risk exposure. Provide regular reporting and communication to stakeholders regarding vulnerabilities and risks.

5+ Years of Experience with vulnerability management tools (Qualys, Tenable, Rapid7). 5+ Years of Experience with architecting, deploying, configuring, and operating vulnerability management platforms. 5+ Years of Experience with Windows and Linux operating systems. 5+ Years of Experience with interpreting and applying CVSS ratings, POA&M tracking, and risk mitigation strategies

Preferred Skills (rank in order of Importance):

Familiarity with standards such as PCI DSS, NIST, ITIL, CVSS, and MITRE ATT&CK. Experience in application security and automation/scripting (Python, PowerShell, Bash). Prior experience leading statewide or enterprise-wide vulnerability programs.