Vulnerability Management Analyst
Austin, TX – Hybrid – Locals Preferred
One Year Contract
Looking for the candidates who can work without any visa sponsorship.
A Systems Analyst I will function as the Vulnerability Remediation person for the TxDOT Server Team. This will allow us to remediate more vulnerabilities and stay in a ready state regarding vulnerability remediation. The Vulnerability Remediation & Change Coordination Analyst is responsible for coordinating, tracking, and facilitating the remediation of server vulnerabilities that fall outside standard patching schedules. This role serves as the primary interface between Cyber Security, the Server Operations teams, and Change Management to ensure high-risk and exception-based vulnerabilities are remediated in a timely, auditable, and compliant manner. The position leverages ServiceNow, including the IT Remediation Workspace, to manage end-to-end vulnerability remediation activities and to present remediation changes to Change Advisory Board (CAB). The role supports enterprise server platforms including Windows, Linux, and Citrix and requires strong organizational, communication, and change management skills rather than day-to-day patch execution.
________________________________________
Primary Responsibilities
Vulnerability Remediation Coordination
• Review, triage, and manage vulnerability remediation assignments within ServiceNow IT Remediation Workspace.
• Coordinate remediation efforts for vulnerabilities that cannot be addressed through normal patch cycles (e.g., emergency, high-risk CVEs, exceptions, or special remediation scenarios).
• Serve as the central point of coordination between Server Operations, Security (CSOC), and other impacted teams throughout the remediation lifecycle.
• Track remediation status, dependencies, and outstanding actions to ensure vulnerabilities progress to closure in accordance with policy and risk priorities.
• Ensure remediation activities align with the Vulnerability Remediation Process and supporting work instructions.
________________________________________
ServiceNow & IT Remediation Workspace
• Create, manage, and update:
• Vulnerability Remediation Tasks (VUL)
• Associated Change Requests
• Related Configuration Items (CIs)
• Ensure accurate documentation of remediation plans, implementation steps, validation outcomes, and rollback plans within ServiceNow records.
• Validate that vulnerability remediation tasks meet ServiceNow process requirements and audit expectations before change submission.
• Coordinate remediation sequencing across multiple server platforms and support teams using ServiceNow workflows and assignment rules.
________________________________________
Change Management & CAB Presentation
• Prepare and submit Normal and Standard Change Requests for vulnerability remediation activities.
• Present vulnerability remediation changes to CAB, clearly articulating:
• Security risk and urgency
• Scope and impacted systems
• Remediation approach
• Testing and validation plans
• Rollback and risk mitigation measures
• Address CAB questions and coordinate follow up actions as needed to secure approval.
• Ensure approved changes are scheduled, communicated, and implemented in alignment with change windows and operational constraints.
________________________________________
Cross Platform Server Support
• Coordinate vulnerability remediation across:
• Windows Server environments
• Linux Server environments (RHEL)
• Citrix server platforms
• Work with platform SMEs to understand remediation requirements and constraints without directly executing patching activities.
• Ensure consistent remediation tracking and reporting across heterogeneous server platforms.
________________________________________
Organization, Tracking & Reporting
• Maintain detailed tracking of:
• Outstanding vulnerabilities
• Change approvals
• Implementation status
• Validation and closure evidence
• Support audit, compliance, and leadership reporting with accurate, up to date remediation metrics and status summaries.
• Identify process gaps, bottlenecks, or recurring issues and recommend improvements to remediation and change workflows.
Term of Service: The initial term of the contract shall commence upon execution of the contract and expires one year from commencement with the option to renew for two, one-year period(s) at TxDOT's sole discretion. TxDOT will provide an intent to renew, in writing, a minimum of 30 days prior to expiration of the current term.
NOTE: The dates, listed below, are estimated and based on the anticipated award date of the contract and will be in accordance with the DIR contract.
1st Renewal Option: One year based on commencement.
2nd Renewal Option: One year based on commencement.
II. CANDIDATE SKILLS AND QUALIFICATIONS
|
Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
|
|
Years
|
Required/Preferred
|
Experience
|
|
3
|
Required
|
Proven experience coordinating server vulnerability remediation in an enterprise environment.
|
|
3
|
Required
|
Strong hands on experience with ServiceNow, including Change Management and IT Remediation Workspace.
|
|
3
|
Required
|
Solid understanding of change management processes and presenting changes to a CAB.
|
|
3
|
Required
|
Practical knowledge of server platforms: Windows Server, Linux Server, Citrix Infrastructure
|
|
3
|
Required
|
Exceptional organizational skills with the ability to manage multiple parallel remediation efforts.
|
|
3
|
Required
|
Strong written and verbal communication skills, especially for CAB and cross team coordination.
|
|
1
|
Preferred
|
Experience supporting vulnerability remediation in a government, regulated, or large enterprise environment.
|
|
1
|
Preferred
|
Familiarity with vulnerability management workflows involving CSOC, Infrastructure, and Application teams.
|
|
1
|
Preferred
|
Experience coordinating remediation outside of standard patching schedules (emergency or out of band remediation).
|
|
1
|
Preferred
|
Prior exposure to audit, compliance, or security evidence collection related to vulnerability remediation.
|
|
1
|
Preferred
|
Timely remediation of high risk and exception-based vulnerabilities.
|
|
1
|
Preferred
|
High quality, CAB approved change records with complete and accurate documentation.
|
|
1
|
Preferred
|
Clear, auditable tracking of vulnerability remediation status from assignment through closure.
|
|
1
|
Preferred
|
Improved coordination and reduced remediation delays across server platforms.
|
Never miss an opportunity! Create an alert based on the job you applied for.