Cyber Posture & Vulnerability Mgmt Analyst I

About The Position

Requirements

• Working knowledge of vulnerability assessment methodologies, penetration testing techniques, and security audit practices.
• Experience performing network‑ and asset‑based vulnerability scanning and assessment activities.
• Familiarity with one or more cloud platforms, such as AWS, Microsoft Azure, or Google Cloud Platform (GCP).
• Proficiency with common vulnerability management tools and frameworks, including Tenable, Qualys, and Tanium.
• Understanding of the Confidentiality, Integrity, and Availability (CIA) triad and its application to data and systems.
• Strong analytical, critical‑thinking, and troubleshooting skills, with the ability to assess technical issues and risk implications.
• Effective written and verbal communication skills, with the ability to convey complex technical concepts clearly to diverse audiences.
• Demonstrated interpersonal and collaboration skills, including the ability to work independently and as part of cross‑functional teams.
• Experience contributing to or leading projects and coordinated team activities.
• Proven ability to handle sensitive information and maintain strict confidentiality related to security matters.
• Bachelor's Degree or equivalent work experience required.
• 1+ years increasing responsibility in Information Technology or Information Security required.

Responsibilities

• Perform targeted vulnerability assessments across internal and external environments, including applications, systems, and network platforms.
• Analyze and document vulnerability findings, clearly articulating severity, exploitability, potential business impact, and recommended remediation or mitigation strategies.
• Produce timely, accurate reporting to support risk management decisions and remediation prioritization.
• Monitor emerging vulnerabilities, attacker techniques, and threat trends, and evaluate potential impact to Security Operations, Incident Response, and related security functions.
• Collaborate with Information Security, Risk Management, Security Architecture, and Information Technology teams to support coordinated vulnerability management and remediation efforts.
• Support Cyber Threat Intelligence (CTI) activities by incorporating threat intelligence into vulnerability analysis and reporting.
• Participate in vulnerability remediation activities, including validation and assurance testing to confirm effective risk reduction.
• Assist with penetration testing, red team, purple team, and other security assessment activities as required.
• Operate, maintain, and support vulnerability assessment tools in accordance with established standards, procedures, and best practices.
• Contribute to security initiatives and projects aimed at enhancing the organization’s overall cyber posture.
• Research emerging technologies, architectures, and frameworks to ensure effective security assessment of newly adopted platforms and services.
• Collect, maintain, and report vulnerability and security metrics as assigned.
• Adhere to Information Security policies, standards, and procedures.
• Participate in a rotating on‑call schedule to support operational requirements.
• Extended hours, including on-call may be required.
• Performs other duties and/or projects as assigned.