Cybersecurity Analyst - Vulnerability Management, Prioritization & Remediation

Overview

We are seeking a Vulnerability Management, Prioritization & Remediation Consultant to provide advisory support for client vulnerability management programs across infrastructure, cloud, application, engineering, and product environments. This role applies risk-based analysis, prioritization methods, remediation guidance, and executive-level reporting to help clients reduce exposure and improve vulnerability management maturity.

Key Responsibilities

• Analyze vulnerability data across multiple tools and environments to identify trends, systemic issues, recurring weaknesses, and high-risk exposures.
• Apply risk-based prioritization using exploitability, asset criticality, threat context, CVSS, and business impact.
• Support remediation decision-making by defining what should be addressed first, why, and how.
• Maintain vulnerability tracking, aging, remediation ownership, status, and backlog visibility.
• Advise teams on remediation strategies, sequencing, and compensating controls when direct remediation is constrained.
• Support remediation campaigns across infrastructure, cloud, application, engineering, and product teams.
• Coordinate with security, engineering, infrastructure, cloud, and application stakeholders to remove blockers and drive remediation progress.
• Translate technical vulnerability data into executive-ready reporting, risk insights, and remediation summaries.
• Identify control gaps, recurring remediation challenges, and opportunities to improve VM governance, workflows, reporting, and operational maturity.
• Document prioritization logic, remediation guidance, reporting outputs, workflow recommendations, and program improvement opportunities.

Required Qualifications

• 4+ years of experience in vulnerability management, cyber risk, security operations, or related cybersecurity roles.
• Hands-on experience with common vulnerability management tools
• Strong understanding of CVSS, exploitability, asset criticality, threat context, and risk-based vulnerability prioritization.
• Experience analyzing vulnerability data, identifying trends, and supporting remediation planning.
• Experience tracking vulnerability aging, remediation status, ownership, and backlog progress.
• Experience supporting remediation campaigns across infrastructure, cloud, application, engineering, or product teams.
• Experience improving vulnerability management governance, workflows, reporting, or operational maturity.
• Experience translating vulnerability data into executive-ready risk insights.
• Experience supporting large, complex enterprise environments.
• Client-facing advisory experience.
• Ability to operate across multiple industries and technology stacks.
• Ability to advise technical teams on remediation strategies, sequencing, and compensating controls.
• Ability to communicate technical vulnerability issues clearly to non-technical stakeholders.
• Strong analytical, documentation, reporting, presentation, and advisory communication skills.

Job Types: Full-time, Contract

Base Pay: From $40.00 per hour

Application Question(s):

• Are you eligible to work as a direct 1099 contractor (no W2 or C2C arrangements)? Please indicate your eligibility by typing 'Yes' or 'No'. Note – This question is required. Failure to answer may result in disqualification

Experience:

• Cyber Risk or Vulnerability Mgmt: 4 years (Required)
• Vulnerability Data Analysis: 2 years (Required)
• Vulnerability Tooling: 2 years (Required)

Work Location: Remote