Vulnerability Analyst

Job Summary

To support cybersecurity initiatives, the full-time remote Vulnerability Analyst will manage the lifecycle of Plans of Action & Milestones (POA&Ms), analyze vulnerability scan results, and collaborate with technical teams to integrate vulnerability management into cloud environments.

Key responsibilities

• Manage the lifecycle of POA&Ms, ensuring alignment with federal stakeholders and compliance frameworks
• Analyze scan results for false positives and prepare risk assessments and deviation requests
• Collaborate with development and infrastructure teams to integrate vulnerability management into CI/CD pipelines and cloud platforms

Required qualifications

• 3-5 years of experience in vulnerability management or related security operations roles
• Hands-on expertise with vulnerability management across operating systems, databases, and cloud environments (AWS, Azure, GCP)
• Experience working within compliance frameworks such as FedRAMP, HITRUST, or PCI
• Administrator-level certification in AWS, Azure, or GCP
• Bachelor's degree or equivalent work experience