Overview
Skills
Job Details
VULNERABILITY ANALYST
Location: WASHINGTON, DC, United States
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Hybrid Remote 3 days on-site
Description
TRiNET Technologies LLC is seeking a Vulnerability Analyst to support a critical U.S.
government agency in the National Capital Region. This role offers an exciting
opportunity to lead and contribute to vulnerability management activities, risk
assessments, and security compliance initiatives across hybrid environments. The
analyst will play a key role in identifying, analyzing, and tracking vulnerabilities using
industry-standard tools and processes.
The ideal candidate will have a strong understanding of cybersecurity principles and
hands-on experience with vulnerability scanning tools such as Nessus, Tenable Security
Center, Tenable.IO, Qualys WAS, or NMAP. This role involves executing complex
scans, correlating and analyzing results, coordinating remediation efforts, and
supporting compliance reporting. The analyst will work closely with stakeholders across
IT, security engineering, and compliance teams to improve the agency s security
posture.
Key Responsibilities:
Plan and perform vulnerability scans and assessments across on-premises,
hybrid, and cloud environments.
Lead scanning activities for servers, endpoints, applications, and cloud
infrastructure using tools such as Nessus, Security Center, Tenable.IO, Qualys
WAS, and NMAP.
Analyze and validate scan results, correlate findings, and determine severity and
risk impact to prioritize remediation efforts.
Collaborate with remediation teams, system owners, and senior security staff to
track and resolve identified vulnerabilities.
Monitor and tune scan configurations, troubleshoot scan failures, and
recommend optimizations for improved coverage and performance.
Maintain and update vulnerability tracking systems, dashboards, and compliance
reports using tools like ServiceNow, SharePoint, Microsoft SQL, and PowerBI.
Develop reports, briefs, and metrics to communicate vulnerability status,
remediation progress, and compliance standing to leadership.
Assist in refining policies, procedures, and workflows related to vulnerability
management, security operations, and continuous monitoring.
Stay up to date on emerging vulnerabilities, CVEs, threat intelligence, and best
practices to proactively identify risk areas and improve security controls.
Qualifications
Qualifications & Experience:
Bachelor s degree in Cybersecurity, Information Technology, or a related field. An
additional 2 years of experience may be substituted for a degree.
3 5 years of experience in cybersecurity, vulnerability management, or security
operations.
Hands-on experience with vulnerability scanning tools (e.g., Tenable products,
Qualys, or NMAP) and interpreting technical scan results.
Familiarity with patch management processes, vulnerability remediation, and risk
prioritization frameworks (e.g., CVSS, CISA KEV, etc.).
Demonstrated experience supporting vulnerability lifecycle tracking and reporting
using platforms such as ServiceNow, SharePoint, or PowerBI.
Strong understanding of cybersecurity frameworks (e.g., NIST 800-53, NIST
CSF) and basic compliance requirements.
Preferred Qualifications:
Experience with vulnerability management in cloud environments (Azure, AWS,
Google Cloud Platform).
Proficiency in scripting or automation using Python, PowerShell, SQL, or DAX.
Familiarity with SIEMs and security tool integration for contextualizing
vulnerability data.
Certifications such as CompTIA Security+, CySA+, CEH, or equivalent
cybersecurity certifications.
Strong communication and reporting skills, including experience presenting
technical findings to non-technical audiences.
Proven ability to work independently and collaborate with cross-functional teams
in a fast-paced environment.