Senior Vulnerability Management Analyst
Overview:
Senior Vulnerability Management Analyst
Hybrid | Washington D.C. | 1 Day a Week Onsite
US Citizenship Requred
Summary
Our client is an employee and Service-Disabled, Veteran-owned Small Business focused on providing niche technical services. They are a team of experienced cybersecurity professionals with a track record of success in the Federal, Commercial, and Academic workspaces.Additionally, our client designs, builds, operates, and secures scalable cloud and IT infrastructures to meet their customers’ near-term needs and fulfill their long-term requirements.
Responsibilities
Our client is seeking a Senior Vulnerability Management Analyst to lead and establish a comprehensive Vulnerability Management (VM) program within the Cybersecurity Operations Unit. This role will focus on designing policies, procedures, and protocols for identifying, categorizing, and managing vulnerabilities across the client’s systems and networks, ensuring compliance with federal requirements, and overseeing the timely remediation of vulnerabilities.
- Develop and implement a comprehensive VM program, including policies, procedures, and protocols for identifying and managing vulnerabilities
- Ensure prompt identification, analysis, and remediation of vulnerabilities affecting internal and external information systems
- Create and maintain compliance with federal vulnerability directives such as Binding Operational Directive (BOD) 22-01
- Provide expertise in using security technologies such as Tenable, Nessus, Invicti, Splunk, and other VM tools
- Oversee vulnerability management in on-premises and cloud environments, including AWS, Microsoft Azure, Google Cloud, and Data Centers
- Collaborate with system owners to design mitigation strategies, patch systems, and address vulnerabilities that cannot be patched
- Analyze systems, network configurations, and web applications to identify vulnerabilities and ensure remediation
- Build dashboards, metrics, and reports to measure the effectiveness and health of the VM program
- Research and recommend new capabilities to enhance the VM program and adapt to Zero Trust architecture
- Develop workflows and automation tools to streamline vulnerability management processes
- Provide reports on the progress of vulnerability remediation and compliance with security requirements
- Author documentation, including VM program doctrine, mitigation strategies, and analysis reports
- 5-7+ years of relatable experience is required for this position
- Extensive experience with vulnerability scanning tools, such as Tenable, Nessus, and SIEM solutions (e.g., Splunk)
- Strong knowledge of managing vulnerabilities in both on-premises systems and cloud environments (AWS, Azure, Google Cloud)
- Familiarity with industry standards and federal government regulations related to vulnerability management
- Experience developing and implementing mitigation strategies to address vulnerabilities
- Ability to analyze systems, configurations, and web applications to identify vulnerabilities and implement appropriate remediation
- Experience with developing workflows and forms using tools like ServiceNow, SharePoint, PowerApps, and Tableau for visualization
- Proven ability to write documentation, including reports, program documents, and policies related to vulnerability management
- Familiarity with the OWASP Top Ten vulnerabilities and understanding of vulnerability program management at the programmatic level
- Experience in automating aspects of the VM program using AI/ML or other advanced technologies
- Experience with federal regulations related to cybersecurity, particularly in vulnerability management and compliance
- Strong communication skills for developing presentations and reports for senior management and stakeholders
- None
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.Please be aware that onboarding can take 4-6 weeks for this position.
About Us
Northern Virginia-based Precision Solutions is an expert in staffing solutions for companies of any size that open the door to new opportunities and seek outstanding talent. We pride ourselves on being versatile enough to tailor our relationships to the needs of each individual client, being agile in the fast-paced marketplace, and being precise in meeting the needs of any company.
Equal Opportunity Employer Statement
Precision Solutions is an equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.