Vulnerability Management Analyst
About The Position
Join our team in a high-impact cybersecurity role where you will help strengthen and advance our enterprise vulnerability management program and cybersecurity posture. You’ll play a key part in identifying, prioritizing, and communicating vulnerability risk across a complex and evolving threat landscape. Leveraging data, and (soon) AI, you will turn vulnerability insights into meaningful, actionable outcomes. This role offers the opportunity to collaborate across teams, and drive continuous improvement in how we manage and reduce vulnerability risk. If you thrive on solving complex challenges and want to make a measurable impact on organizational security, this is an exciting opportunity to do so.
Requirements
- Subject Matter Expertise and the ability to provide mentorship, guidance, and training to other team members
- Minimum of 5+ years of experience in Information Security
- 2+ years in vulnerability management
- Bachelor’s degree in a computer science, cybersecurity, or related field (preferred) or High School Diploma/GED
- CISSP, CISA (Preferred)
- CCSP, GSEC, NCSF, CompTIA Security+ (Additional relevant certifications)
- Vulnerability management platform certifications (e.g., Nessus, Rapid7) strongly preferred
Responsibilities
- Administer and maintain vulnerability scanning tools, including configuration, scheduling, and execution of scans
- Analyze, validate, and prioritize vulnerabilities based on risk, asset criticality, and threat intelligence
- Develop and manage vulnerability remediation tracking using scanning tools, SQL-based queries, and reporting
- Maintain awareness of emerging and publicly disclosed vulnerabilities through external intelligence sources (e.g., FS-ISAC, CISA, NVD, MSSP, Vendor security advisories)
- Maintains current knowledge of the threat landscape including attacker tactics, techniques and procedures
- Develop and maintain vulnerability management metrics, dashboards, and key risk indicators to measure program effectiveness
- Analyze vulnerability trends and provide actionable insights to guide risk-based prioritization
- Prepare and deliver clear, concise reports for IT leadership, risk committees, and technical stakeholders
- Contribute to the development of vulnerability management strategy and ongoing process improvements
- Initiate and support automation initiatives for vulnerability identification, classification, reporting, and tracking
- Find and help deploy uses cases for AI to improve analysis and presentation of vulnerability data
- Partner with Network Services and other technical teams to support vulnerability remediation and mitigation efforts (Patching and remediation are outside the duties of this role, and is instead performed by Network Services)
- Facilitate vulnerability exception processes, including tracking, reporting and escalation procedures
- Administer and monitor anti-phishing and brand protection processes and reporting
- Support of security tools and processes including SIEM, IDS/IPS, DLP, firewall governance, and access reviews
- Assist with third-party assessments, internal audits, and security baseline development for new technologies
- Maintain and update security documentation, standards, and operational procedures
- Performs additional duties as assigned
Benefits
- Individual development plans
- Educational reimbursement
- Job shadowing across departments
- Hands-on leadership practice through specialized trainings
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
