Vulnerability Analyst
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US

QUALIFICATIONS:

Required:

• 8+ Years of relevant experience (Bachelor’s Degree in applicable field may be substituted for 5 years of experience).
• Security+ certification (or equivalent)
• Active Secret clearance
• Minimum of 3 years of experience in vulnerability management or a related cybersecurity role.
• Experience with Tenable or similar vulnerability scanning tools.
• Familiarity with Air Force IT systems and security protocols is a plus.
• Working Knowledge of Excel and pivot tables
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work independently and as part of a team.
• Detail-oriented with strong organizational skills.

Desired:

• Experience in creating and managing custom vulnerability reports.
• Knowledge of Air Force or DoD security standards and regulations.

• Proven track record of successful vulnerability remediation projects.

• Vulnerability Report Review:
• Conduct weekly reviews of Tenable vulnerability reports.
• Analyze vulnerability data to remediation actions and identify responsible parties to conduct those actions.
• Action Plan Documentation:
• Document comprehensive action plans for identified vulnerabilities.
• Prioritize vulnerabilities based on severity, potential impact, and exploitability.
• Custom Report Creation:
• Develop and maintain custom vulnerability reports tailored for individual Air Force bases.
• Clearly communicate which vulnerabilities will be remediated by the Enterprise and the expected timelines.
• Remediation Guidance:
• Provide specific, actionable feedback to Air Force bases and leadership on how to remediate vulnerabilities they are responsible for.
• Ensure recommendations are practical, aligned with Air Force policies, and feasible within the base’s resource constraints.
• Collaboration and Communication:
• Work closely with base IT teams, Enterprise security teams, and other stakeholders to ensure effective vulnerability management.
• Participate in regular meetings and briefings to discuss vulnerability trends, remediation progress, and emerging threats.
• Engage with the Cyber Security Dashboard team to identify improvements to automated messaging regarding vulnerabilities.
• Continuous Improvement:
• Stay current with the latest vulnerability trends, threat intelligence, and best practices in vulnerability management.
• Recommend process improvements and tool enhancements to streamline vulnerability assessment and remediation efforts.