Lead – Workstation Vulnerability & Patch Management

2025-156985

Category: Engineering

Clearance: Secret

Location: Alexandria, Virginia

Telecommute: Flexible for occasional telework – must be local to work location

About Peraton

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Program Overview
Supports the transformation and modernization of legacy Coast Guard systems and services, including mobility, messaging, ITSM, ITAM, network infrastructure, and legacy data systems, from on-premises implementations to cloud and hybrid cloud solutions. The program also covers new system and service implementations, including zero trust architecture, to provide leading-edge systems that are both secure and accessible.
About The Role

Peraton is seeking a highly skilled and mission-focused Lead for Workstation Vulnerability and Patch Management to oversee and execute vulnerability remediation and patch compliance across a diverse enterprise workstation environment. This role plays a critical part in maintaining system integrity, supporting RMF compliance, and reducing cyber risk in alignment with DoD and NIST standards. This position is a hybrid role with on-site work 2-3 days a week.

The successful candidate will lead patching strategy, schedule coordination, toolset operations, and metrics reporting for over 50,000 Windows-based endpoints, in support of DoD information security directives.

Key Responsibilities:

  • Lead the end-to-end vulnerability and patch management lifecycle for all classified and unclassified workstation assets (primarily Windows 10/11).
  • Manage daily and monthly patch operations including scheduling, deployment, validation, and exception handling.
  • Coordinate with Cybersecurity, System Administrators, and ISSOs to ensure timely mitigation of vulnerabilities aligned with STIG, IAVM, and ACAS/Tenable findings.
  • Maintain compliance with DoD directives (e.g., DISA STIGs, IAVAs/IAVMs, CCRI prep, RMF controls).
  • Leverage patch management tools such as Microsoft MECM or Tanium for scalable deployment and reporting.
  • Analyze ACAS scan results, track metrics, and generate executive-level reports showing patch compliance trends and outstanding vulnerabilities.
  • Maintain Standard Operating Procedures (SOPs), update system documentation, and support audit readiness activities.
  • Serve as primary point of contact for workstation remediation status during security reviews or incident response.

Qualifications

Basic Qualifications:

  • Active DoD Secret clearance (or higher) required.
  • U.S. Citizenship required due to federal contract requirements.
  • Bachelor’s degree in IT, Cybersecurity, or a related field and 8 years of experience; Master’s and 6 years of experience; PhD and 3 years of experience; Associate’s degree and 10 years of experience; or High School Diploma and 12 years of experience.
  • Minimum of 5+ years of experience in vulnerability or patch management.
  • Strong hands-on experience with patch deployment tools (MECM, Tanium, etc.).
  • Working knowledge of DISA STIGs, IAVMs, NIST SP 800-53, and RMF.
  • Experience interpreting ACAS/Tenable reports and tracking remediation progress.
  • Proven ability to lead cross-functional coordination efforts and communicate with technical and non-technical stakeholders.

Preferred Qualifications:

  • CompTIA Security+, CASP+, CISSP, or other DoD 8570 IAT Level II/III certifications.
  • Experience supporting DoD or federal civilian cybersecurity programs.
  • Familiarity with managing both NIPR and SIPR workstation environments.
  • Experience with ServiceNow or Remedy ticketing systems.

Work Environment:

  • Must be able to work on-site or in a classified environment as required.
  • May require occasional after-hours support for emergency patching windows or system recovery.

Target Salary Range: $112,000 - $179,000. This represents the typical salary range for this position based on experience and other factors.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
