[Hiring] Risk-Based Asset Manager @True Zero Technologies

Role Description

This candidate will lead risk-based asset management efforts across vulnerability management, configuration management, and database hardening in support of a federal cybersecurity program. Additionally, this role will coordinate technical activities, guide prioritization based on business and security risk, and provide leadership visibility into remediation progress, operational gaps, and program performance. This position calls for a blend of hands-on technical depth and team leadership, with responsibility for driving process improvement, supporting automation, and helping mature enterprise security practices.

Job Responsibilities

• Oversee RBAM projects, schedules, milestones, and team execution
• Facilitate meetings and brief leadership on status, risks, priorities, and progress
• Direct and support enterprise vulnerability scanning, analysis, remediation prioritization, and reporting
• Guide the development and enforcement of secure configuration baselines across systems and platforms
• Coordinate database hardening, patching, scanning, and compliance activities with stakeholders
• Review cyber hygiene findings and translate results into actionable remediation plans
• Support evaluation of new technologies and products through security review and software approval processes
• Develop or enhance dashboards, reporting, and metrics to improve visibility into risk and remediation progress
• Support process improvement, automation, and operational maturity efforts across the RBAM function
• Ensure work products, reporting, and technical activities align with DHS, client, and federal cybersecurity expectations
• Lead and coordinate vulnerability management, configuration management, and database hardening activities

Qualifications

• Bachelor’s degree in Information Technology, Information Systems, Computer Science, Computer Engineering, Electrical Engineering, or related technical field; or equivalent additional experience
• 7+ years of total professional experience
• 5+ years of technical experience in vulnerability management, configuration management, database hardening, or related security operations
• Experience leading technical teams or workstreams in dynamic environments
• Strong experience managing vulnerability remediation efforts across enterprise environments
• Experience using vulnerability scanning tools such as Tenable/Nessus
• Strong experience establishing, maintaining, and enforcing configuration baselines
• Familiarity with remediation practices across Windows, Linux, network devices, containers, and cloud platforms
• Strong knowledge of CVE, CVSS, NVD, and the CISA KEV catalog
• Strong knowledge of configuration management principles and secure baseline enforcement
• Familiarity with DISA STIGs, CIS Benchmarks, and secure hardening practices
• Experience with enterprise dashboards, reporting, and ticketing workflows
• Experience with scripting and automation using tools such as Python, PowerShell, Bash, or similar
• Experience with a wide range of database technologies including:
  • Relational databases: Oracle, PostgreSQL, MySQL, MS SQL
  • NoSQL Databases: MongoDB
  • Cloud-native databases: Amazon RDS, Azure SQL, DynamoDB
• Familiarity with DevSecOps and CI/CD pipeline concepts
• Ability to assess and secure on-premises and cloud-hosted database environments
• Experience with audit logging, encryption, masking, and technical evidence generation for compliance needs
• Strong written and verbal communication skills

Requirements

• One active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable
• One active Agile certification such as PMI-ACP, SAFe Agilist, CSM, or comparable

Benefits

• Competitive salary, paid twice per month
• Best in class medical coverage
• 100% of medical premiums covered by True Zero
• Company wide new business incentive programs
• Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
• 3 weeks of PTO starting + 11 Paid Holidays Annually
• 401k Program with 100% company match on the first 4%
• Monthly reimbursement of Cell Phone and Home Internet costs
• Paternity/Maternity Leave
• Investment in training and certifications to broaden and deepen your technical skills