Senior Vulnerability Management Analyst

Overview

ITDC is seeking Senior Vulnerability Management Analysts to lead the federal vulnerability management lifecycle including scanning, prioritization, remediation tracking, and reporting. The role works closely with ISSOs, system owners, and SOC engineers.

Responsibilities
  • Operate enterprise vulnerability scanning (Tenable Security Center, Nessus, Qualys) on Windows, Linux, network, and cloud assets.
  • Triage vulnerabilities by exploitability and mission impact; track remediation per BOP/DOJ cadence.
  • Produce trend reports, KEV/CISA alert response actions, and POA&M alignment.
  • Coordinate with patch management, IR, and SOC teams; contribute to penetration test scoping.

Required Qualifications
  • 6+ years of vulnerability management experience in enterprise or federal environments (derived from labor category equivalent).
  • Hands-on with Tenable Security Center, Nessus, Qualys, or equivalent enterprise scanners.
  • Working knowledge of CVSS, EPSS, KEV, MITRE ATT&CK, and CISA BODs.
  • Bachelor's degree (derived); CEH, GIAC GPEN, OSCP, or Security+ preferred.

Desired Qualifications
  • Federal experience under FISMA and continuous monitoring frameworks.
  • Experience integrating VM results into POA&M and SCA workflows.
  • Cloud vulnerability management (AWS GuardDuty, Inspector, Security Hub).

Job Ref 2026-0503-5
