ID.me

Threat and Vulnerability Program Lead

Join ID.me as a Threat and Vulnerability Program Lead in McLean, VA. Drive security strategy, manage vulnerabilities, and enjoy comprehensive benefits.

ServiceNow Role Type:
ServiceNow Modules:
Department - JobBoardly X Webflow Template
Governance, Risk, and Compliance
Department - JobBoardly X Webflow Template
Virtual Agent
ServiceNow Certifications (nice to have):
Department - JobBoardly X Webflow Template
Certified Implementation Specialist - Vulnerability Response

Job description

Date - JobBoardly X Webflow Template
Posted on:
 
February 21, 2025

ID.me is seeking an experienced Threat and Vulnerability Program Lead to drive our enterprise-wide threat and vulnerability management strategy. In this expert-level role, you will take ownership of identifying, assessing, prioritizing, and mitigating security vulnerabilities across our infrastructure, applications, and cloud environments.

Requirements

  • 7+ years of experience in cybersecurity, with 5+ years specifically in threat and vulnerability management, security risk assessment, or penetration testing.
  • Deep expertise in vulnerability scanning tools such as Tenable Nessus, Qualys, Rapid7, or similar.
  • Strong understanding of threat intelligence methodologies, CVE scoring systems, MITRE ATT&CK framework, and exploit development lifecycles.
  • Hands-on experience with cloud security in AWS, GCP, and/or Azure, including vulnerability management and remediation in cloud-native environments.
  • Proficiency in security frameworks and compliance standards, such as NIST 800-53, FedRAMP, SOC 2, ISO 27001, and PCI-DSS.
  • Advanced knowledge of network security, application security, container security (Docker/Kubernetes), and endpoint security.
  • Experience integrating vulnerability management tools with SIEMs, SOAR platforms, and ticketing systems (Splunk, Chronicle, ServiceNow, Jira, etc.).
  • Strong leadership, communication, and stakeholder management skills, with the ability to influence technical and business teams.
  • Expertise in scripting languages (Python, Bash, PowerShell) for automation and reporting.

Benefits

  • Comprehensive medical, dental, vision, health savings account, flexible spending accounts (medical, limited purpose, dependent care, commuter benefit accounts), basic and voluntary life and AD&D insurance, 401(k) with company match, parental leave, ability to participate in unlimited paid time off subject to the terms and conditions of the PTO policy, including 8 company wide holidays, short and long-term disability insurance, accident and critical illness insurance, referral bonus policy, employee assistance program, pet insurance, travel assistant program, wellbeing and childcare discounts, benefit advocates, and a learning and development benefit.

Requirements Summary

7+ years of experience in cybersecurity, with 5+ years specifically in threat and vulnerability management, security risk assessment, or penetration testing. Deep expertise in vulnerability scanning tools such as Tenable Nessus, Qualys, Rapid7, or similar