Security Threat and Vulnerability Program Manager

Georgetown University comprises two unique campuses in the nation’s capital. With the Hilltop Campus located in the heart of the historic Georgetown neighborhood, and the Capitol Campus, just minutes from the U.S. Capitol and U.S.

Supreme

Court, Georgetown University offers rigorous academic programs, a global perspective, and unparalleled opportunities to engage with Washington, D.C. Our community is a close-knit group of remarkable individuals driven by intellectual inquiry, a commitment to social justice, and a shared dedication to making a difference in the world.

Requirements Job Overview Security Threat and Vulnerability Program Manager, [To Be Completed Department/Unit] - Georgetown University.

The Security

Threat and Vulnerability Program Manager leads the university's Threat and Vulnerability Program. This role provides technical and tactical expertise to drive the initial setup, secure deployment, and ongoing management of advanced information security systems.

The Program

Manager handles comprehensive intelligence streams, risk analysis, cyber alerting, real-world event analysis, third-party risk management, dark web intelligence, and security information and event management (SIEM).

Duties include but are not limited to: Monitor, identify, consolidate, and report on technical security threats to the university network on a regular cadence. Develop predictive analytics strategies and risk-based security intelligence products to counter advanced threat actors and shifting challenges. Design and maintain comprehensive Third-Party Risk Management and Dark Web Cyber Threat Intelligence programs.

Investigate security alerts, correlate indicators of compromise (IOCs), and perform software/malware analysis to determine impact and attacker methodology. Develop and tune security use cases within SIEM and logging environments for real-time threat detection. Coordinate vulnerability scanning, translate findings into actionable mitigation tasks, and provide strategic oversight to contractors.

Convey complex technical analysis to senior leadership and collaborate with cross-functional IT teams to continually mature the cyber program.

Work Interactions The Security

Threat and Vulnerability Program Manager collaborates extensively with cross-functional IT teams to continually mature a world-class cyber program, driving the uplift of sensory tools, detection tuning, and access to modern data sources. Reporting to the Director of Cybersecurity Risk Management, this role regularly conveys complex technical analysis to senior leadership through clear investigation synopses, graphical attack depictions, and executive presentations. By providing strategic oversight to contractors and coordinating with appropriate campus groups, this position ensures that technical vulnerabilities are translated into actionable mitigation tasks, directly supporting Georgetown University's mission to provide a secure and robust technological environment for its community.

Requirements and Qualifications Bachelor’s or Associate’s Degree in a technical field (e.g., Cybersecurity, Computer Science, Information Technology).

Equivalency: In lieu of a formal degree, 5 to 10 years of highly relevant professional work experience in information security may be substituted. Demonstrated experience working as a Threat Analyst or Vulnerability Management professional. Proficiency in scripting or programming languages, such as Python, to automate data analysis and data centralization tasks.

Strong knowledge of threat centralization tools, security threats, and modern detection techniques. Ability to integrate, normalize, and correlate large volumes of disparate security data to identify complex patterns and trends.

Experience utilizing and configuring enterprise vulnerability scanning and assessment tools. Proven capability to conduct data analysis to attribute cyber-attacks to specific threat actors and behaviors.

Preferred Qualifications Proven experience with advanced tools and security controls focused on proactive threat detection. Professional security certifications (e.g., CISSP, CISM, CEH, CompTIA Security+, or GIAC certifications such as GCIH/GCIA). Strong understanding of foundational network and web protocols, including TCP/IP, SSL/TLS, and

Familiarity with tracking threats and vulnerabilities within cloud infrastructure and hybrid environments (e.g., GCP, AWS, Azure) Work Mode Designation This position has been designated as Remote. Please note that work mode designations are regularly reviewed in order to meet the evolving needs of the University. Such review may necessitate a change to a position’s mode of work designation.

Complete details about Georgetown University’s mode of work designations for staff positions can be found on the Department of Human Resources website:

Pay Range: Th