Senior Security Analyst-TVM

Description

We are a leading provider of technology services and talent solutions. We partner with clients to design, build, and operate technology-enabled solutions that drive business outcomes. Our Risk and Security practice is focused on delivering measurable improvements in cybersecurity posture, compliance, and risk management.

Role Overview

We are seeking a highly motivated and skilled Threat and Vulnerability Management (TVM) Security Analyst to join and grow with our Risk and Security practice. This role will focus on identifying, assessing, and mitigating vulnerabilities across diverse environments, including Windows, Linux, and MacOS. The ideal candidate will have hands-on configuration and administration experience with the above-mentioned operation systems and leading TVM tools. Experience in threat intelligence platforms and cyber security frameworks will also be instrumental in supporting our clients’ cybersecurity initiatives.

Key Responsibilities

• Perform vulnerability assessments and threat analyses across on-premises, cloud, and hybrid computing environments.

• Analyze industry standard (e.g., CVE and CVSS) and tool-based risk ratings against organizational priorities and applicability to assess, categorize

• Operate and manage TVM tools (e.g., Tenable, Qualys, Rapid7) and EDR platforms (e.g., CrowdStrike, SentinelOne).

• Integrate threat intelligence feeds into vulnerability management workflows.

• Collaborate with SOC, incident response, and infrastructure teams to identify, respond to, escalate, and track security alerts, incidents, and events.

• Develop and maintain dashboards and reports on threat and vulnerability metrics and trends.

• Effectively communicate vulnerability findings and risk assessments to both technical teams and non-technical stakeholders

• Support compliance initiatives aligned with security control frameworks and benchmarks (e.g., NIST, ISO, CIS)

• Contribute to the development of standard operating procedures, runbooks, playbooks, workflows, and other technical documentation.

Required Qualifications

• Security+ certification (Required)

• Strong understanding of vulnerability scoring systems (e.g., CVE, CVSS and, EPSS)

• Experience with Windows, Linux, and MacOS operating systems.

• Familiarity with TVM, EDR, SOAR, and SIEM platforms.

• Knowledge of common security frameworks (e.g., NIST 800-53, NIST 800-171, CIS Controls).

• Ability to analyze and interpret vulnerability scan results and threat intelligence.

• Strong communication and documentation skills.

Preferred Qualifications

• Experience with scripting or automation (e.g., Python, PowerShell) for vulnerability management.

• Experience with Configuration Management Tools (e.g., RedHat Satellite, SCCM, CMDBs)

• Familiarity with Zero Trust Architecture and modern security operations models.

• Exposure to cloud security (AWS, Azure, GCP) and container security tools.

• Experience in cloud vulnerability management (AWS Inspector, Azure Defender, GCP Security Command Center).

• Experience working in or supporting DoD, DISA IL5/IL6, or FedRAMP environments.

Education & Experience

Bachelor’s Degree in Cybersecurity, Information Technology, or related field; or equivalent experience.

5-10 years of experience in cybersecurity, with a focus on vulnerability management or threat analysis.

Why Join Us?

• Work with a collaborative and mission-driven team.

• Engage in high-impact projects across commercial and federal sectors.

• Access to continuous learning, hands-on training, and certifications to support your professional growth.

• Grow your career through professional development programs, mentorship opportunities, and clear advancement paths within an expanding cybersecurity practice.

• Be part of a culture that values relationships, commitment, and open communication.