Vulnerability Management Analyst

Job ID: 2507221

Location: REMOTE WORK, TX, US

Date Posted: 2025-07-02

Category: Cyber

Subcategory: Cyber GRC

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: Yes

Description

SAIC is seeking a Vulnerability Management Analyst to join our team providing Security Operations Services for a major state & local government customer located in Texas. This position reports to our Technical Director. This position will be responsible for vulnerability management in a complex, multi-supplier environment. The customer is in the Central time zone so the successful candidate will need to work during normal customer business hours (8am-5pm CT.)

Primary job responsibilities include:

• Provide functional ownership of the Vulnerability Management program and align it with business objectives, security policies, and contractual requirements.
• Lead the identification, implementation, and evaluation of vulnerability management best practices across multiple providers.
• Recommend improvements to vulnerability management processes, work instructions, reporting & analytics, toolsets, etc, in order to demonstrate vulnerability management expertise and leadership.
• Evaluate the effectiveness of vulnerability scanning and follow-up activities for multiple providers and provide feedback and recommendations for continual improvement.
• Communicate and interact with other vendors & customer agencies to ensure vulnerabilities and configuration compliance findings are remediated in a timely manner.
• Communicate and interact with customer to ensure they understand vulnerabilities in their environment.
• Provide subject matter expertise for threats, risk, and impacts to the environment in multiple capacities.
• Work with other SecOps team members to ensure SAIC systems are patched according to approved schedule and requirements.
• Contribute to successful completion of vulnerability-related SLAs and deliverables, including those that have child deliverables from other vendors.
• Leverage ServiceNow for management and tracking of vulnerabilities, remediation & refresh plans, incidents, and service requests.
• Provide expertise in the ServiceNow vulnerability module related to classification, assignment, and management of vulnerabilities.
• Provide input and assessment of new risks and recommend actions related to vulnerability and management
• Provide reviews, reports, communication, and engagement with stakeholders and management.
• Provide support for business continuity and disaster recovery activities.
• Provide support for deliverables, SLAs, and other requirements.
• Provide input into and maintenance of policy, procedures, job aid documentation, and other technical documentation.
• Assist in the development and delivery of training materials for technical staff and customers.
• Participate in security audits, compliance assessments, and documentation reviews providing expertise and support regarding vulnerability management.

Secondary job responsibilities include:

• Providing backup support for the Risk Management and Configuration Compliance functions as needed.

Qualifications

Required:

• Ability and willingness to be on-call after hours for security incidents requiring vulnerability management support.
• Bachelor's degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, etc.) and two (2) or more years of relevant experience; Master's degree in a relevant field of study and zero (0) or more years of relevant experience.
• At least one industry-recognized entry-level cybersecurity certification (e.g., CompTIA Security+, ISC 2 Certified in Cybersecurity, ISC 2 , etc.) required on day one.
• Ability to communicate technical concepts in an understandable manner to non-technical people
• Excellent oral and written communication skills.

Preferred:

• Experience with ITIL, and/or ITIL certification.
• Experience with current versions of Tenable.io and Qualys.
• Experience with current versions of ServiceNow Vulnerability Response, Risk and Configuration Compliance modules.
• Cybersecurity certifications such as SSCP, CCSP, CISM, CRISC, CISSP.
• Experience with Cyber Risk Management.
• Experience with Configuration Compliance Management.

Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.