Vulnerability Management Analyst / Security Analyst

Maddisoft has the following immediate opportunity, let us know if you or someone you know would be interested. Send in your resume ASAP. - U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. Send in resume along with LinkedIn profile without which applications will not be considered. Call us NOW! ***Visa sponsorship is available for this position.

Job Title: Vulnerability Management Analyst / Security Analyst

Location: Remote

Position Overview

We are seeking an experienced Vulnerability Management Analyst to support enterprise security operations by managing vulnerability identification, prioritization, remediation tracking, and reporting. The ideal candidate will have a strong background in vulnerability lifecycle management, risk assessment, and alignment with industry standards such as National Institute of Standards and Technology (NIST).

Key Responsibilities

Vulnerability Inventory & Baseline Establishment

• Review existing vulnerability data from scans, assessments, and security tools
• Establish and maintain a consolidated vulnerability baseline
• Develop and document remediation timelines based on risk posture and aging

Risk Classification & Prioritization

• Categorize and prioritize vulnerabilities based on severity, exploitability, and business impact
• Align classification and prioritization with NIST guidelines
• Ensure remediation timelines align with defined risk-based SLAs

Remediation Coordination & Communication

• Coordinate remediation efforts with system, server, and application owners
• Communicate risk context, expectations, and remediation deadlines clearly
• Track remediation progress and identify blockers or dependencies
• Escalate overdue or high-risk vulnerabilities to appropriate governance channels

Tracking, Metrics & Reporting

• Maintain accurate tracking of vulnerability remediation status
• Produce periodic reports summarizing vulnerability posture, remediation progress, and risk exposure

Validation & Closure

• Validate remediation through scan results and supporting evidence
• Confirm closure of vulnerabilities in tracking systems
• Ensure proper documentation of risk acceptance or exceptions when remediation is not feasible

Program Improvement

• Identify process gaps and control weaknesses in vulnerability management
• Recommend improvements aligned with NIST standards and organizational policies

Required Qualifications

• 8+ years of experience in vulnerability management and security operations
• Proven experience in:
  • Vulnerability inventory and baseline establishment
  • Risk classification and prioritization
  • Tracking and managing vulnerability remediation
  • Producing security and status reports
  • Validating remediation using scan results and evidence
• Strong understanding of vulnerability management tools and frameworks
• Experience aligning processes with NIST standards and guidelines
• Excellent analytical, communication, and coordination skills

Preferred Qualifications

• Experience working in enterprise or government environments
• Familiarity with tools such as vulnerability scanners (e.g., Qualys, Nessus, Rapid7)
• Knowledge of security frameworks and compliance standards
• Relevant cybersecurity certifications (e.g., Security+, CISSP, CEH)