Vulnerability Management Analyst 2

New York UniversityNew York, NY
$110,000 - $130,000

About The Position

The Vulnerability Management Analyst provides technical guidance to IT stakeholders to ensure effective vulnerability identification and remediation activities, employing advanced techniques, tools, and workflows to continuously improve. Leads initiatives to identify and remediate security risks by executing and analyzing security scans, and communicating and assisting stakeholders. Leverage advanced tools and technologies to identify impacted systems, as well as create and optimize workflows, to enhance cyber capabilities and vulnerability response efficiency. Conduct in-depth analyses of multiple data sources. As part of the continuous improvement focus, actively contribute to developing innovative approaches and best practices in cybersecurity, concentrating on vulnerability management. Serve as a subject matter expert to ensure that vulnerabilities are effectively prioritized and mitigated. Partner with IT stakeholders to manage larger vulnerability efforts, further refining workflows, documentation, and strategies to foster ongoing progress in vulnerability defense. This role is expected to provide support during a major security incident.

Requirements

  • Bachelor's Degree in Information Technology, Computer Science, or a related field.
  • 3+ years in a dedicated cybersecurity role including a focus on vulnerability management, security operations, or a related field, or an equivalent combination of education and experience.
  • 3+ years proven background in vulnerability management, including hands-on experience with vulnerability scanning tools, security tool administration, and platforms.
  • Experience creating and maintaining documentation.
  • Experience writing searches in a logging platform or SIEM.
  • Experience evaluating risk exception requests to determine if compensating controls have lowered risk to an acceptable level.
  • Experience with automation tools using scripting, SOAR tools, or Splunk.
  • CompTIA Security+ certification.
  • Strong verbal and written communication skills.
  • Knowledge of types of vulnerabilities.
  • Knowledge of core concepts in Operating Systems.
  • Knowledge of core concepts in Networking services, ports, and protocols.
  • Knowledge of core concepts in Web applications (OWASP Top 10, HTTP methods, REST APIs).
  • Knowledge of core concepts in Infrastructure (e.g., VPN, NAT, Load Balancer, WAF, types of servers).
  • Knowledge of system administration (including troubleshooting).
  • Knowledge of vulnerability prioritization techniques.
  • Knowledge of endpoint management/patch management tools.
  • Knowledge of commonly abused services, misconfigurations, and vulnerabilities.
  • Proven ability to conduct threat research based on emerging threats and/or vulnerabilities and hunt for impacted assets.
  • Proven ability to onboard and scan new data sources.
  • Knowledge of advanced security controls and information security best practices.
  • Familiarity with security & compliance frameworks such as CIS, NIST, ISO, and PCI-DS.

Nice To Haves

  • Master's Degree in a related discipline.
  • 5+ years experience working in a large-scale information technology environment.
  • Working knowledge of network and system diagnostic tools.
  • Experience securing cloud computing environments.
  • Experience with scripting, programming, or automation methods.
  • Strong background with vulnerability and patch management tools and methodologies.
  • 3+ years experience with Splunk SPL and Splunk Dashboard Studio.
  • Experience with Internet of Things search engines (e.g. Censys, Shodan).
  • Experience scanning a large enterprise environment with enterprise and open source tools.
  • Experience with Web Application, DAST, and SAST security tools.
  • Knowledge of APIs, containers, cloud architecture, and application security principles.
  • Awareness of Attack Surface Management techniques.
  • Knowledge of common misconfigurations within cloud environments.

Responsibilities

  • Provide technical guidance to IT stakeholders for effective vulnerability identification and remediation.
  • Lead initiatives to identify and remediate security risks by executing and analyzing security scans.
  • Communicate and assist stakeholders with vulnerability management activities.
  • Leverage advanced tools and technologies to identify impacted systems.
  • Create and optimize workflows to enhance cyber capabilities and vulnerability response efficiency.
  • Conduct in-depth analyses of multiple data sources.
  • Contribute to developing innovative approaches and best practices in cybersecurity, focusing on vulnerability management.
  • Serve as a subject matter expert for vulnerability prioritization and mitigation.
  • Partner with IT stakeholders to manage larger vulnerability efforts.
  • Refine workflows, documentation, and strategies for vulnerability defense.
  • Provide support during major security incidents.

Benefits

  • Annual base salary range of USD $110,000.00 to USD $130,000.00.
  • Incentives, bonuses, clinical compensation, or other items may be additional.
  • NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service