Vulnerability Analyst

Job ID: 2506866

Location: WASHINGTON, DC, US

Date Posted: 2025-06-20

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: Public Trust

Potential for Remote Work: No

Description

We are seeking a skilled Security Engineer with extensive experience in vulnerability remediation at the operating system (OS) level across various cloud environments, including AWS, Azure, OCI, and Google Cloud Platform to join our IT team on-site in Washington, D.C. The ideal candidate will be responsible for ensuring the security and integrity of our cloud infrastructure by identifying, assessing, and mitigating vulnerabilities. This role requires a deep understanding of cloud services, operating system vulnerabilities, and best practices for securing cloud environments that are hosting a variety for MS Windows, and Linux (Red hat, Ubuntu, Amazon) operating systems.

Key Responsibilities:

• Identify and remediate vulnerabilities in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks.
• Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses.
• Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team.
• Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening.
• Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments.
• Stay up-to-date with the latest security threats, vulnerabilities, and technology trends relevant to cloud infrastructure and operating systems.
• Provide guidance and mentorship to junior engineers and team members on best practices for security and vulnerability management in cloud environments.
• Document security controls, configurations, and processes for audit and compliance purposes, ensuring alignment with organizational standards.

Qualifications

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field and 2 years of relevant experience.
• Professional certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, or equivalent.
• Minimum of 5 years of experience in cloud engineering, with a focus on security and vulnerability management across AWS, Azure, OCI, and Google Cloud Platform.
• Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements.
• Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001.
• Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools.
• Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets.
• Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks.
• Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
• Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders.

Additional Requirements:

C.
• Excellent interpersonal and communication skills, both written and verbal.
• Commitment to following stringent security protocols.
• Well-organized, with a high level of attention to detail and the ability to prioritize tasks.

Note: This position is for on-site work in Washington, D.C.; there are no remote work options available. The role requires a commitment to security and confidentiality due to the classified nature of the environment. All candidates must pass a comprehensive background check to ensure eligibility for security clearance.

Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.