Overview
On Site
USD 80,001.00 - 120,000.00 per year
Full Time
Skills
Risk Assessment
IT Security
Servers
IaaS
Nessus
IO
Dashboard
Microsoft SQL Server
Leadership
Workflow
Continuous Monitoring
Threat Analysis
Security Controls
Security Operations
Vulnerability Scanning
Qualys
Nmap
Patch Management
CISA
ServiceNow
Microsoft Power BI
NIST 800-53
Regulatory Compliance
Vulnerability Management
Cloud Computing
Microsoft Azure
Amazon Web Services
Google Cloud
Google Cloud Platform
Scripting
Python
Windows PowerShell
SQL
DAX
Security+
Certified Ethical Hacker
Cyber Security
Communication
Reporting
Presentations
Collaboration
Security Clearance
Information Technology
Systems Engineering
FOCUS
Job Details
Job ID: 2506769
Location: WASHINGTON, DC, US
Date Posted: 2025-06-17
Category: Information Technology
Subcategory: IT Security Administrator
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Yes
Description
SAIC is seeking a Vulnerability Analyst to support a critical U.S. government agency in the National Capital Region. This role offers an exciting opportunity to lead and contribute to vulnerability management activities, risk assessments, and security compliance initiatives across hybrid environments. The analyst will play a key role in identifying, analyzing, and tracking vulnerabilities using industry-standard tools and processes.
The ideal candidate will have a strong understanding of cybersecurity principles and hands-on experience with vulnerability scanning tools such as Nessus, Tenable Security Center, Tenable.IO, Qualys WAS, or NMAP. This role involves executing complex scans, correlating and analyzing results, coordinating remediation efforts, and supporting compliance reporting. The analyst will work closely with stakeholders across IT, security engineering, and compliance teams to improve the agency's security posture.
Key Responsibilities:
Plan and perform vulnerability scans and assessments across on-premises, hybrid, and cloud environments.
Lead scanning activities for servers, endpoints, applications, and cloud infrastructure using tools such as Nessus, Security Center, Tenable.IO, Qualys WAS, and NMAP.
Analyze and validate scan results, correlate findings, and determine severity and risk impact to prioritize remediation efforts.
Collaborate with remediation teams, system owners, and senior security staff to track and resolve identified vulnerabilities.
Monitor and tune scan configurations, troubleshoot scan failures, and recommend optimizations for improved coverage and performance.
Maintain and update vulnerability tracking systems, dashboards, and compliance reports using tools like ServiceNow, SharePoint, Microsoft SQL, and PowerBI.
Develop reports, briefs, and metrics to communicate vulnerability status, remediation progress, and compliance standing to leadership.
Assist in refining policies, procedures, and workflows related to vulnerability management, security operations, and continuous monitoring.
Stay up to date on emerging vulnerabilities, CVEs, threat intelligence, and best practices to proactively identify risk areas and improve security controls.
Qualifications
Qualifications & Experience:
Bachelor's degree in Cybersecurity, Information Technology, or a related field. An additional 2 years of experience may be substituted for a degree.
3-5 years of experience in cybersecurity, vulnerability management, or security operations.
Hands-on experience with vulnerability scanning tools (e.g., Tenable products, Qualys, or NMAP) and interpreting technical scan results.
Familiarity with patch management processes, vulnerability remediation, and risk prioritization frameworks (e.g., CVSS, CISA KEV, etc.).
Demonstrated experience supporting vulnerability lifecycle tracking and reporting using platforms such as ServiceNow, SharePoint, or PowerBI.
Strong understanding of cybersecurity frameworks (e.g., NIST 800-53, NIST CSF) and basic compliance requirements.
Preferred Qualifications:
Experience with vulnerability management in cloud environments (Azure, AWS, Google Cloud Platform).
Proficiency in scripting or automation using Python, PowerShell, SQL, or DAX.
Familiarity with SIEMs and security tool integration for contextualizing vulnerability data.
Certifications such as CompTIA Security+, CySA+, CEH, or equivalent cybersecurity certifications.
Strong communication and reporting skills, including experience presenting technical findings to non-technical audiences.
Proven ability to work independently and collaborate with cross-functional teams in a fast-paced environment.
Clearance Requirement:
All candidates must be eligible to obtain a U.S. Public Trust Clearance.
**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Location: WASHINGTON, DC, US
Date Posted: 2025-06-17
Category: Information Technology
Subcategory: IT Security Administrator
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Yes
Description
SAIC is seeking a Vulnerability Analyst to support a critical U.S. government agency in the National Capital Region. This role offers an exciting opportunity to lead and contribute to vulnerability management activities, risk assessments, and security compliance initiatives across hybrid environments. The analyst will play a key role in identifying, analyzing, and tracking vulnerabilities using industry-standard tools and processes.
The ideal candidate will have a strong understanding of cybersecurity principles and hands-on experience with vulnerability scanning tools such as Nessus, Tenable Security Center, Tenable.IO, Qualys WAS, or NMAP. This role involves executing complex scans, correlating and analyzing results, coordinating remediation efforts, and supporting compliance reporting. The analyst will work closely with stakeholders across IT, security engineering, and compliance teams to improve the agency's security posture.
Key Responsibilities:
Plan and perform vulnerability scans and assessments across on-premises, hybrid, and cloud environments.
Lead scanning activities for servers, endpoints, applications, and cloud infrastructure using tools such as Nessus, Security Center, Tenable.IO, Qualys WAS, and NMAP.
Analyze and validate scan results, correlate findings, and determine severity and risk impact to prioritize remediation efforts.
Collaborate with remediation teams, system owners, and senior security staff to track and resolve identified vulnerabilities.
Monitor and tune scan configurations, troubleshoot scan failures, and recommend optimizations for improved coverage and performance.
Maintain and update vulnerability tracking systems, dashboards, and compliance reports using tools like ServiceNow, SharePoint, Microsoft SQL, and PowerBI.
Develop reports, briefs, and metrics to communicate vulnerability status, remediation progress, and compliance standing to leadership.
Assist in refining policies, procedures, and workflows related to vulnerability management, security operations, and continuous monitoring.
Stay up to date on emerging vulnerabilities, CVEs, threat intelligence, and best practices to proactively identify risk areas and improve security controls.
Qualifications
Qualifications & Experience:
Bachelor's degree in Cybersecurity, Information Technology, or a related field. An additional 2 years of experience may be substituted for a degree.
3-5 years of experience in cybersecurity, vulnerability management, or security operations.
Hands-on experience with vulnerability scanning tools (e.g., Tenable products, Qualys, or NMAP) and interpreting technical scan results.
Familiarity with patch management processes, vulnerability remediation, and risk prioritization frameworks (e.g., CVSS, CISA KEV, etc.).
Demonstrated experience supporting vulnerability lifecycle tracking and reporting using platforms such as ServiceNow, SharePoint, or PowerBI.
Strong understanding of cybersecurity frameworks (e.g., NIST 800-53, NIST CSF) and basic compliance requirements.
Preferred Qualifications:
Experience with vulnerability management in cloud environments (Azure, AWS, Google Cloud Platform).
Proficiency in scripting or automation using Python, PowerShell, SQL, or DAX.
Familiarity with SIEMs and security tool integration for contextualizing vulnerability data.
Certifications such as CompTIA Security+, CySA+, CEH, or equivalent cybersecurity certifications.
Strong communication and reporting skills, including experience presenting technical findings to non-technical audiences.
Proven ability to work independently and collaborate with cross-functional teams in a fast-paced environment.
Clearance Requirement:
All candidates must be eligible to obtain a U.S. Public Trust Clearance.
**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.