Senior Cybersecurity Vulnerability Analyst (REMOTE)

Trinity Health•Livonia, MI

1d•Remote

About The Position

The Vulnerability Management Analyst is responsible for identifying, assessing, and assisting in the remediation of security vulnerabilities across the organization’s infrastructure, applications, and endpoints. This role requires collaboration with cross-functional teams to ensure vulnerabilities are addressed promptly and effectively while enhancing the organization's overall security posture. Trinity Health is one of the largest not-for-profit, faith-based health care systems in the nation, with 121,000 colleagues and nearly 36,500 physicians and clinicians caring for diverse communities across 27 states. The system includes 101 hospitals, 126 continuing care locations, the second largest PACE program in the country, 136 urgent care locations, and many other health and well-being services. Based in Livonia, Michigan, in fiscal year 2023, Trinity Health invested $1.5 billion in communities through charity care and other community benefit programs.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or an equivalent combination of education and experience.
Five (5) to seven (7) years of experience in vulnerability management, cybersecurity, or related roles.
Industry certifications such as CompTIA Security+, GIAC (GSEC, GCIA, etc.), CISSP, or similar.
Experience with compliance frameworks (e.g., HIPAA, PCI-DSS, NIST, etc.).
Familiarity with asset management and discovery solutions.
Exposure to DevSecOps practices and integration into CI/CD pipelines.
Subject Matter Expert with CVSS scoring and risk prioritization frameworks.
Knowledge of scripting languages (e.g., Python, PowerShell) for automation purposes.
Strong understanding of vulnerability assessment tools and methodologies.
Familiarity with CVSS scoring and risk prioritization frameworks.
Strong analytical skills with the ability to interpret vulnerability data and communicate risk effectively.
Experience with patch management processes and tools.
Must possess a personal presence that is characterized by a sense of honesty, integrity, and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals, and values of Trinity Health.

Responsibilities

Conduct regular vulnerability scans and assessments using enterprise tools (e.g., CrowdStrike Falcon, Tenable, Qualys, Rapid7, etc.).
Analyze scan results to identify vulnerabilities, prioritize risk levels, and produce actionable reports.
Collaborate with IT, development, and business teams to validate, remediate, or mitigate identified vulnerabilities.
Monitor threat intelligence feeds and map emerging threats to the organization’s attack surface.
Maintain and improve processes for vulnerability lifecycle management, including discovery, tracking, reporting, and closure.
Provide subject-matter expertise on vulnerability risks, impacts, and remediation strategies to stakeholders.
Oversee and guide the documentation of processes and creation of playbooks to ensure consistent and scalable vulnerability management practices.
Lead post-remediation validation to verify the effectiveness of implemented fixes.
Manage monthly security metrics reporting related to vulnerabilities and remediation efforts.
Design, write, and maintain scripts using Python and PowerShell to automate routine cybersecurity tasks such as log analysis, threat indicator enrichment, alert triaging, and system health checks.
Serve as a subject matter expert guiding cross-functional teams in aligning vulnerability assessments with business risk tolerance, regulatory requirements, and operational impact in accordance with compliance frameworks.
Develop and oversee the implementation of security controls and automation within CI/CD pipelines to enforce DevSecOps best practices across the vulnerability management lifecycle.
Oversee and mentor junior analysts’ investigative work to ensure accuracy, thoroughness, and alignment with established processes.