Senior Vulnerability Management Analyst

About The Position

Requirements

• Experience: 3-5+ years of hands-on experience in vulnerability management and risk analytics.
• Technical Skills: Advanced knowledge of vulnerability assessment tools (e.g., Qualys, CrowdStrike, Teneable, Orca etc.). Strong understanding of vulnerability classification (CVSS, CVE), risk vs. severity, and prioritizing impactful findings. Solid grasp of cloud, network, endpoint, and application security, as well as patching processes for Windows, Mac, and Linux systems.
• Strategic Abilities: Proven ability to innovate and formalize security processes. Excellent written and verbal communication skills, with an ability to distill complex issues into clear, stakeholder-friendly language. Highly organized, detail-oriented, and capable of managing multiple projects in a fast-paced environment.
• Frameworks & Compliance: Experience with common cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, OWASP) and compliance requirements (e.g., SOC2, ISO27001, FedRAMP).

Nice To Haves

• Professional certifications such as AWS CCP, CISSP, CEH, GEVA, or OSCP.
• Background in penetration testing, product security, or security research.

Responsibilities

• Vulnerability Lifecycle Management: Work closely with teams to manage the end-to-end vulnerability management process, including conducting scans, analyzing results, and tracking remediation efforts against defined service level objectives (SLOs).
• Risk Analysis & Prioritization: Perform in-depth analysis of vulnerabilities from automated scans and penetration tests. Develop risk-based remediation plans and collaborate with stakeholders to prioritize the most critical findings.
• Process Automation & Improvement: Help drive the evolution of our vulnerability management operations by identifying and implementing automation opportunities across our tech stack. Develop and refine program governance, reporting templates, and metrics.
• Reporting & Communication: Create and present clear, actionable vulnerability reports, scorecards, and dashboards that define the current security risk posture for both technical and non-technical audiences.
• Subject Matter Expertise: Serve as a thought leader within the team, maintaining deep knowledge of the current threat landscape, new technologies, and security best practices to guide strategy and mentor peers.

Benefits

• Health and wellness coverage: Medical, dental, and vision insurance
• Disability coverage: Short-term and long-term disability
• Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
• Additional life coverage options: Supplemental life insurance for employees, spouses, and children
• Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account
• Financial security: 401(k) Savings and Investment Plan with company matching
• Time off benefits: Flexible vacation policy
• Holidays: 8 paid holidays annually
• Sick leave
• Parental support: Paid parental leave
• Employee Assistance Program (EAP) and Care Counselors
• Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
• Health Savings Account (HSA) with employer contribution