Security Vulnerability Analyst – 100% REMOTE – 6 MONTHS WITH POSSIBLE EXTENTION

Requirements:

  • Three (3) years of experience in security operations or vulnerability management***
  •  Hands-on experience with Tenable, Qualys, or similar vulnerability platforms in cloud-native environments.***
  • Deep knowledge of cloud security principles, particularly around AWS and Azure services.***
  • Familiarity with regulatory frameworks (NIST CSF, SOX, FRAPRA).
  • Strong interpersonal and communication skills, with experience leading cross-functional remediation efforts.
  • Ability to present risk findings to both technical and executive stakeholders.
  • Ability to clear required background check

Essential Functions:

  • Lead/Assist vulnerability management operations across all cloud (AWS/Azure) and SaaS environments.
  • Own the configuration, tuning, and operational use of vulnerability management tooling (Tenable One or equivalent).
  • Prioritize vulnerabilities using threat-based models (EPSS, CVSS, CISA KEVs), working closely with the SOC and threat intel teams.
  • Serve as the primary liaison to Engineering, Infrastructure, and AppSec teams to coordinate remediation plans and validate fixes.
  • Track and report remediation SLAs, exceptions, and risk acceptance items.
  • Provide vulnerability metrics and trends for leadership, compliance, and audit purposes (SOX, FRAPRA).
  • Participate in incident response activities related to active exploitation or critical vulnerabilities.
  • Develop SOPs, playbooks, and dashboards for vulnerability tracking and reporting.
  • Document all vulnerability management policies, procedures, and standards and keep them update.
  • Correlate vulnerability findings with threat intelligence feeds to assess real-world risk.
  • Track emerging vulnerabilities (zero-day threats, CVEs) and evaluate their potential impact on the organization.
  • Develop and maintain asset inventory and vulnerability baselines.
  • Assist with vulnerability remediation verification and rescanning activities.
  • Assist with Yearly external Pentest with Vendors.

***MUST TO APPLY

Job Category: Engineering
Job Type: Full Time
Job Location: Remote

Apply for this position

Allowed Type(s): .pdf, .doc, .docx