Amtex Systems Inc is an information technology and talent solutions company that has offered talent and BI consulting to companies in the US for over 25 years.
Our solutions are designed to fill resource gaps by providing the right candidates who deliver value to the organization. Our propensity to nurture and build strong relationships with our clients helps us better understand their business demands and gives us the ability to provide services that are on time and rise above the rest.
Hi
We have an urgent opening for a Cyber Operations Threat Exposure Management Analyst.
6+ month contract
McKinney, TX (Hybrid)
Role Summary
We are seeking a Cyber Operations Threat Exposure Management Analyst contractor to support the review, validation, prioritization, and tracking of findings from our Threat Exposure Management platform, such as Nagomi, along with other security tools.
This role will help reduce security risk by weeding through large volumes of exposure findings, identifying what is truly actionable, eliminating noise, validating impacted assets, and working with internal teams to drive remediation.
The ideal candidate has strong cyber operations experience, understands vulnerability and exposure management, and can separate real business risk from low-value alerts.
Key Responsibilities
Review and triage findings from Threat Exposure Management platforms, including Nagomi or similar tools.
Validate findings to determine whether they are accurate, actionable, duplicate, accepted risk, or false positives.
Prioritize exposures based on exploitability, asset criticality, business impact, compensating controls, and likelihood of attack.
Correlate exposure findings across multiple tools such as vulnerability management, EDR, identity, email security, cloud security, external attack surface, and network security platforms.
Create clear, actionable remediation tasks for infrastructure, endpoint, identity, cloud, and application teams.
Track remediation progress and follow up with asset owners until findings are resolved, mitigated, or risk accepted.
Document analysis notes, ownership, risk rationale, and recommended next steps within the exposure management workflow.
Identify trends in recurring findings and recommend process improvements to reduce repeat exposure.
Assist with executive and operational reporting, including exposure status, aging, remediation progress, risk reduction, and high-priority findings.
Support Cyber Operations with prioritization of findings tied to active threats, known exploited vulnerabilities, misconfigurations, identity risks, and internet-facing exposure.
Partner with internal teams to clarify technical findings and help translate them into business-relevant risk.
Required Skills and Experience
3+ years of experience in cyber operations, vulnerability management, threat exposure management, security operations, or related security roles.
Experience reviewing and prioritizing security findings from enterprise security platforms.
Strong understanding of vulnerabilities, CVEs, misconfigurations, attack paths, exposed services, identity risks, and asset criticality.
Ability to determine whether a finding represents real risk or operational noise.
Experience working with remediation owners across infrastructure, endpoint, cloud, network, and identity teams.
Strong analytical and documentation skills.
Ability to communicate technical risk in a clear, simple, and actionable way.
Experience using ticketing or workflow platforms to track remediation activity.
Comfortable working independently and managing large volumes of findings.
Preferred Experience
Experience with Nagomi or similar Threat Exposure Management / Continuous Threat Exposure Management platforms.
Experience with tools such as CrowdStrike, Zscaler, Wiz, Tenable, Qualys, Rapid7, Microsoft Defender, ServiceNow, Jira, or similar platforms.
Understanding of MITRE ATT&CK, KEV catalog, exploitability scoring, asset criticality, and risk-based vulnerability management.
Experience supporting SOC, Cyber Operations, or Cyber Engineering teams.
Familiarity with cloud, identity, endpoint, email, and network security findings.