Cybersecurity Vulnerability Management Analyst (Remote | Contract)

Location:
100% Remote (U.S.-based candidates only)
Duration:
May 2026 – August 2026 (Extension Possible)
Schedule:
Monday–Friday, 8:00 AM – 5:00 PM CST
Hours:
Up to ~560 hours

Overview

We are seeking an experienced
Cybersecurity Vulnerability Management Analyst
to support enterprise vulnerability management and remediation efforts in a large, complex environment.

This role is focused on
end-to-end vulnerability lifecycle management
—from baseline establishment and risk prioritization to remediation tracking, validation, and reporting. The ideal candidate will bring strong experience aligning processes with
NIST standards
, driving accountability across stakeholders, and ensuring timely closure of security risks.

Key Responsibilities

Vulnerability Inventory & Baseline
• Review existing vulnerability data from scans, assessments, and security tools
• Establish and maintain a consolidated vulnerability baseline
• Develop and document remediation timelines based on risk posture and aging

Risk Classification & Prioritization
• Categorize and prioritize vulnerabilities based on severity, exploitability, and business impact
• Align classification methodologies with
NIST guidelines
• Ensure remediation timelines align with defined risk thresholds

Remediation Coordination
• Partner with system, infrastructure, and application owners to drive remediation efforts
• Communicate risk context, expectations, and timelines clearly to stakeholders
• Track remediation progress and identify blockers or dependencies
• Escalate critical or overdue vulnerabilities through appropriate governance channels

Tracking, Metrics & Reporting
• Maintain accurate tracking of vulnerability status across systems
• Produce regular reports on remediation progress, risk exposure, and trends
• Provide visibility into aging vulnerabilities and SLA compliance

Validation & Closure
• Validate remediation through scan results and supporting evidence
• Confirm closure in tracking systems once issues are resolved
• Ensure exceptions or risk acceptances are properly documented and approved

Program Improvement
• Identify gaps in vulnerability management processes
• Recommend improvements aligned with
NIST standardsand governance practices
• Support continuous improvement of remediation workflows and accountability

Required Qualifications
• 8+ years
of experience invulnerability management and remediation
• Strong experience with:
• Vulnerability inventory and baseline establishment
• Risk classification and prioritization frameworks
• Tracking and reporting remediation efforts
• Validation of remediation using scan results or evidence
• Hands-on experience with vulnerability scanning and management tools
• Strong understanding of
NIST-based security frameworks
• Excellent communication and stakeholder coordination skills

Preferred Qualifications
• Experience in large enterprise or public sector environments
• Familiarity with governance, risk, and compliance (GRC) processes
• Strong analytical and reporting capabilities

Work Environment
• 100% remote within the United States
• Standard business hours with occasional off-hours support as needed
• No travel required unless pre-approved