Cyber Security Analyst III – Vulnerability Management

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

OSC Global

WebsiteLinkedInAll Job Openings

1 - 10 employees

Founded 2025

OSC Global is an IT, cybersecurity, and professional services leader uniting mission-driven expertise and cutting-edge technology to protect companies worldwide. Through our companies and platforms we deliver secure, resilient solutions that safeguard the future.

📋 Description

• Perform vulnerability scanning across servers, endpoints, network devices, and cloud environments using approved tools (e.g., Tenable, Nessus) • Refine scanning configurations, schedules, and coverage to improve program effectiveness • Analyze and interpret scan results to validate findings, identify false positives, and prioritize vulnerabilities based on risk severity, exploitability, and asset criticality • Provide well-supported risk-based recommendations to system owners and program leadership • Coordinate with system owners, administrators, and stakeholders to support timely remediation or mitigation of vulnerabilities • Document and track remediation progress through POA&Ms, ticketing systems, or enterprise GRC platforms • Contribute to and conduct risk assessments by evaluating the potential impact of unmitigated vulnerabilities, recommending compensating controls, and clearly documenting findings for review by stakeholders and leadership • Support and contribute to continuous monitoring reporting by maintaining vulnerability metrics, trend analyses, and risk summaries for leadership review • Conduct and participate in assurance activities, validating vulnerability scan coverage, tool configuration, and data quality • Evaluate patch management effectiveness and identify gaps in remediation processes

🎯 Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field • 5+ years of experience in vulnerability management, system security, or security operations, or equivalent combination of education, experience, and training • Ability to pass a background and drug screening • Must have identification compliant with the Real ID Act at time of hire • Must be able to obtain Department of Energy access badge • Experience integrating vulnerability scan data with GRC or POA&M tracking systems (e.g., eMASS, RegScale, ServiceNow GRC, or similar) preferred • Familiarity with CISA directives, STIGs, and federal vulnerability reporting requirements preferred • Knowledge of cloud vulnerability management, including AWS, Azure, or hybrid environments preferred • Exposure to threat intelligence correlation or risk-based vulnerability prioritization methods preferred • Relevant certifications such as Security+, CySA+, CEH, CGRC (CAP), or Tenable Certified Practitioner preferred

🏖️ Benefits

• paid holidays • paid time off • 401k with employer match • dental • vision • health insurance plans through the Federal Employee Health Benefits (FEHB) program • life and disability benefits