Remediation Oversight Analyst

Our client is global Fortune 500, seeking a skilled and motivated Security Analyst to join our Enterprise Vulnerability Management team.

The successful candidate will leverage enterprise-grade tools to conduct large-scale vulnerability discovery processes, evaluate and mitigate risks, and collaborate with cross-functional teams to enhance our security posture.

Key Responsibilities:

Vulnerability Detection & Validation

• Execute authenticated and unauthenticated scans on IT, OT, and cloud assets using enterprise-grade tools.
• Perform triage and validation of vulnerability data to reduce false positives.

Risk Assessment & Prioritization

• Analyze vulnerabilities using CVSS, EPSS, threat intelligence, and business impact scoring.
• Collaborate with asset owners to assess exposure and propose remediation options.

Remediation Coordination

• Track remediation efforts and engage with system owners to ensure timely patching or mitigation.
• Create and manage tickets in platforms such as ServiceNow or Jira.
• Escalate overdue vulnerabilities according to SLA thresholds.
• Lead in assessing and driving company-wide response to critical vulnerabilities.

Monitoring & Reporting

• Generate and maintain dashboards and reports on vulnerability trends, exceptions, and KPIs.
• Contribute to internal and external audits by providing evidence of scanning, remediation, and compliance alignment.

Process Improvement

• Support automation and workflow enhancements for vulnerability intake, assessment, and resolution.
• Contribute to playbooks, SOPs, and knowledge base documentation.

REQUIRED

• Bachelor s degree in Cybersecurity, Computer Science, Engineering, or related field
• 2+ years of experience in vulnerability management, security operations, or IT infrastructure

PLUSSES:

• Familiarity with common vulnerability management tools (e.g., Tenable, Rapid7, Qualys)
• Understanding of CVSS scoring, patch management processes, and exploitability metrics
• Experience working in large, distributed enterprise or manufacturing environments
• Knowledge of cloud and container vulnerabilities
• Familiarity with regulatory frameworks
• Experience with CMDBs (e.g., ServiceNow), SIEM/SOAR tools, or asset discovery platforms
• Security certifications (Security+, SANS GIAC, OSCP, etc.) are a plus
• Exposure to OT environments is a strong plus

Relocation Assistance: Yes

Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).