Cyber Security Analyst III (Vulnerability Management)

United StatesFull-time$89.6k–$158kPosted Jul 13, 2026
Apply

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Cyber Security Analyst III (Vulnerability Management) based in United States.

This role is designed for an experienced cybersecurity professional who specializes in identifying, analyzing, and reducing security risks across complex enterprise environments.
You will play a key role in strengthening vulnerability management processes, improving security visibility, and protecting critical systems.
The position combines technical expertise, risk analysis, and collaboration with security, infrastructure, and business teams.
You will work with industry-standard security tools to evaluate vulnerabilities, prioritize remediation efforts, and support compliance objectives.
The role offers the opportunity to contribute to cybersecurity maturity initiatives within a mission-driven environment supporting federal information systems.
You will also help improve processes, mentor junior team members, and influence secure technology practices across the organization.

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Cyber Security Analyst III (Vulnerability Management) based in United States.

This role is designed for an experienced cybersecurity professional who specializes in identifying, analyzing, and reducing security risks across complex enterprise environments.
You will play a key role in strengthening vulnerability management processes, improving security visibility, and protecting critical systems.
The position combines technical expertise, risk analysis, and collaboration with security, infrastructure, and business teams.
You will work with industry-standard security tools to evaluate vulnerabilities, prioritize remediation efforts, and support compliance objectives.
The role offers the opportunity to contribute to cybersecurity maturity initiatives within a mission-driven environment supporting federal information systems.
You will also help improve processes, mentor junior team members, and influence secure technology practices across the organization.

Accountabilities:

    The Cyber Security Analyst III (Vulnerability Management) will be responsible for managing vulnerability identification, analysis, reporting, and remediation support activities across enterprise environments. This role requires strong technical judgment, attention to detail, and the ability to translate security findings into actionable recommendations.

    • Perform vulnerability scanning across servers, endpoints, network devices, and cloud environments using approved tools such as Tenable, Nessus, Qualys, ACAS, or similar platforms.
    • Configure and optimize vulnerability scanning processes, including schedules, coverage, and tool effectiveness improvements.
    • Analyze vulnerability scan results, validate findings, identify false positives, and prioritize risks based on severity, exploitability, and asset criticality.
    • Provide risk-based recommendations to system owners, technical teams, and leadership to support timely remediation.
    • Track vulnerability remediation activities through POA&Ms, ticketing systems, and governance platforms.
    • Support risk assessments by evaluating security weaknesses, recommending compensating controls, and documenting findings.
    • Maintain vulnerability metrics, dashboards, trend analyses, and security reports for leadership review.
    • Support continuous monitoring activities, audits, and security assessment processes by validating data quality and reporting accuracy.
    • Evaluate patch management effectiveness and identify opportunities to improve remediation processes.
    • Collaborate with Security Operations Center (SOC) and Incident Response teams by providing vulnerability context related to threats and exploitation activity.
    • Support Risk Management Framework (RMF) activities by integrating vulnerability data into security assessments and authorization processes.
    • Monitor cybersecurity advisories, including CISA directives, CVE trends, and emerging threats, and communicate relevant impacts.
    • Maintain accurate asset visibility by reviewing Configuration Management Database (CMDB) records and validating scan coverage.
    • Support configuration change reviews by assessing potential vulnerability impacts and documenting findings.
    • Develop technical documentation, standard operating procedures, and process improvement recommendations.
    • Provide guidance and informal mentorship to junior cybersecurity analysts.
    • Requirements:

      The ideal candidate brings strong vulnerability management expertise, cybersecurity knowledge, and the ability to operate independently in a technical environment while collaborating effectively with multiple stakeholders.

      • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field with 5+ years of experience in vulnerability management, system security, security operations, or an equivalent combination of education and experience.
      • Proven experience using enterprise vulnerability management platforms such as Tenable.sc, Nessus, Qualys, ACAS, or similar solutions.
      • Strong understanding of CVSS scoring, CVE analysis, vulnerability prioritization, patch management, and risk-based security practices.
      • Experience integrating vulnerability data with GRC or POA&M tracking systems such as eMASS, RegScale, ServiceNow GRC, or similar platforms.
      • Familiarity with federal cybersecurity requirements, including CISA directives, STIGs, and vulnerability reporting standards.
      • Knowledge of cloud security and vulnerability management across AWS, Azure, or hybrid environments.
      • Ability to analyze complex technical information, identify root causes, and recommend effective solutions.
      • Strong organizational skills with the ability to manage multiple priorities and meet deadlines.
      • Excellent written and verbal communication skills, including the ability to explain technical concepts to both technical and non-technical audiences.
      • Ability to work independently while contributing effectively within a collaborative team environment.
      • Strong attention to detail, documentation skills, and professional judgment when handling sensitive information.
      • Proficiency with Microsoft Office applications and industry-standard technical tools.
      • Relevant certifications such as Security+, CySA+, CEH, CGRC (CAP), or Tenable Certified Practitioner are preferred.
      • Ability to pass required background and security screening processes.
      • Ability to obtain required government access credentials.
      • Benefits:

        • Competitive salary range of $89,596 - $158,000 annually, depending on skills, experience, and qualifications.
        • Remote work opportunities.
        • Paid holidays and paid time off.
        • 401(k) retirement plan with employer match.
        • Health insurance coverage through available employee benefit programs.
        • Dental and vision insurance plans.
        • Life and disability insurance benefits.
        • Opportunities to support meaningful cybersecurity initiatives in a federal technology environment.
        • Collaborative workplace focused on professional growth, innovation, and continuous improvement.
How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free