Security Vulnerability Team Lead

JOB DESCRIPTION:

PennDOT is seeking a Security Vulnerability Team Lead within the Information Security Office of Pennsylvania s Infrastructure and Economic Development IT Delivery Center. The successful candidate will manage and administer the vulnerability management program across PennDOT, PA Emergency Management Agency (PEMA), and the Department of Community and Economic Development (DCED). This role is remote, with occasional on-site presence required.

Key Responsibilities:

• Lead vulnerability management program, conducting assessments and tests to identify security weaknesses.
• Collaborate with compliance and IT teams to ensure adherence to security standards.
• Prioritize vulnerabilities and coordinate remediation efforts.
• Stay updated on security trends and best practices.
• Prepare vulnerability management reports and provide training for staff.
• Coordinate incident response and provide after-hours support as needed.

Required Skills & Qualifications:

• 5 years of experience in vulnerability management, with expertise in Tenable Security Center and DAST tools (e.g., Rapid 7 AppSpider).
• Experience with Windows and Linux OS, system hardening, and network protocols (e.g., TCP/IP, firewalls, intrusion detection systems).
• Knowledge of regulatory compliance standards (e.g., NIST, FAIR).
• Strong communication skills and ability to present and negotiate effectively.
• Must pass Pennsylvania State Police background check (no felony offenses).
• Ability to work remotely and locally when required.

Additional Requirements:

• Candidates must be able to work 40 hours per week.
• Initial interview via Teams, with an on-site follow-up at PennDOT for equipment and badge pickup.