
11 - 50 employees
The Dragonfli Group is a Washington, DC based LLC specializing in management and technology consulting. Dragonfli transforms its clientsâ businesses by leveraging high impact strategic planning and technology solutions coupled with our deep expertise in infrastructure, corporate strategy and operations. The Dragonfli Group's passionate and experienced consultants take a collaborative approach to provide strategic planning and information security solutions to organizations looking to increase profitability, streamline operations, manage risk, meet regulatory demands and build market share.
đĽ 0 minutes ago
Improve your chances of getting an interview by checking your resume score before you apply.

11 - 50 employees
The Dragonfli Group is a Washington, DC based LLC specializing in management and technology consulting. Dragonfli transforms its clientsâ businesses by leveraging high impact strategic planning and technology solutions coupled with our deep expertise in infrastructure, corporate strategy and operations. The Dragonfli Group's passionate and experienced consultants take a collaborative approach to provide strategic planning and information security solutions to organizations looking to increase profitability, streamline operations, manage risk, meet regulatory demands and build market share.
⢠Lead and manage end-to-end vulnerability disclosure programs (VDP), including coordination with ethical hackers, system owners, and agency stakeholders. ⢠Own attack surface management programs (e.g., CISA FAST), including scheduling, scope management, findings coordination, and POA&M documentation. ⢠Manage and update Standard Operating Procedures (SOPs), SharePoint repositories, and program tracking documentation. ⢠Lead recurring stakeholder syncs (weekly vulnerability management meetings, DMZ syncs, Security Report presentations). ⢠Operate and maintain enterprise vulnerability scanning platforms including Tenable.sc, Tenable.io, and web application scanning tools (OpenText ScanCentral or equivalent). ⢠Scope, schedule, execute, and report on vulnerability scans across large, complex federal environments. ⢠Analyze scan results to identify critical and high-severity findings; triage false positives; prioritize remediation activities. ⢠Manage hardware/software certification pipelines; process ServiceNow tickets within defined SLAs. ⢠Support transition from legacy tools to modernized scanning platforms with minimal operational disruption. ⢠Track and drive remediation of critical, high, and all severity-tiered vulnerabilities to closure within program SLAs. ⢠Maintain accurate POA&M records for all open findings across program scope. ⢠Produce and present vulnerability dashboards, compliance reports, and executive-level status briefings. ⢠Validate remediation effectiveness through post-remediation scanning and analysis. ⢠Monitor HTTPS/HSTS compliance and other BOD requirements (BOD 18-01, BOD 20-01, and others as applicable). ⢠Build and maintain working relationships with CISA contacts, agency system owners, SOC personnel, and contractor teams. ⢠Communicate vulnerability risks and remediation recommendations clearly to both technical and non-technical audiences. ⢠Serve as subject matter expert and primary point of contact for assigned programs. ⢠Provide backfill coverage across vulnerability management workstreams as needed.
⢠3+ years of hands-on vulnerability management experience. ⢠Demonstrated program ownership: VDP, attack surface management, or equivalent independently managed programs. ⢠Proficiency with Tenable.sc and/or Tenable.io (scan configuration, report generation, false positive management). ⢠Experience with CISA programs (VDP, FAST, BOD compliance) or equivalent federal cybersecurity initiatives. ⢠Working knowledge of ServiceNow or equivalent ITSM platforms for ticket management. ⢠Ability to produce clean, accurate SOPs, POA&Ms, and stakeholder-facing documentation. ⢠Active security clearance or eligibility to obtain one preferred. ⢠3+ years of hands-on vulnerability management experience within a federal agency environment preferred. ⢠Experience operating WebInspect, OpenText ScanCentral, or equivalent DAST/web application scanning tools. ⢠Familiarity with Bugcrowd or other managed bug bounty platforms. ⢠Experience with HSTS/HTTPS compliance monitoring aligned to BOD 18-01. ⢠Active certifications: Security+, CEH, CISSP, CISM, or Certified Vulnerability Assessor (CVA). ⢠Experience leading or co-leading standing meetings with federal stakeholders. ⢠Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or equivalent practical experience.
⢠Health, Dental, and Vision Insurance ⢠PTO ⢠401(k) ⢠Remote work flexibility ⢠Exposure to high-impact federal cybersecurity programs ⢠Direct access to firm leadership and career development opportunities
Apply NowđĽ 15 hours ago
Technology Development Engineer at TTI, Inc. creating new designs to generate sales and supporting supplier strategies in the distribution industry.
đşđ¸ United States â Remote
đľ $140k - $160k / year
â° Full Time
đĄ Mid-level
đ Senior
đˇđťââď¸ Engineer
đŚ H1B Visa Sponsor
đĽ 18 hours ago
Engineering role creating electrical drawings and driving process improvements in a global manufacturing company. Utilizing engineering software and leading capital projects for efficiency and safety.
đşđ¸ United States â Remote
â° Full Time
đĄ Mid-level
đ Senior
đˇđťââď¸ Engineer
đŚ H1B Visa Sponsor
Assembly
đĽ 19 hours ago
IAM Engineer responsible for secure access management and client onboarding at Ensemble Health Partners. Focus on identity lifecycle management, automation, and collaboration across teams.
đşđ¸ United States â Remote
đľ $84k - $144.9k / year
đ° Private Equity Round on 2022-03
â° Full Time
đĄ Mid-level
đ Senior
đˇđťââď¸ Engineer
Cyber Security
ServiceNow
đĽ 19 hours ago
11 - 50
Language Engineer at xMentium bridging the gap between technology and subject matter expertise. Implementing AI solutions for structured data extraction across various industries.
đşđ¸ United States â Remote
đ° $2.4M Seed Round on 2022-08
â° Full Time
đĄ Mid-level
đ Senior
đˇđťââď¸ Engineer
đĽ 20 hours ago
Neuroimaging Engineer developing algorithms for analyzing structural and functional MRI data at WashU. Responsibilities include software development and data quality assurance.
đşđ¸ United States â Remote
đľ $53.1k - $90.6k / year
â° Full Time
đĄ Mid-level
đ Senior
đˇđťââď¸ Engineer
Linux
Python