Security Vulnerability Management Analyst

**HYBRID IN NYC

Description

Our client is looking for a Security Vulnerability Management Analyst that will perform vulnerability scans, assess vulnerabilities identified and prioritize their remediation; help review and enhance the current vulnerability management program. This position will interface between various Information Technology teams and this individual must be able to articulate the vulnerabilities and remediations to the stakeholders. Additionally this individual should also be able to translate the IT security requirements and constraints of the business into technical control requirements and specifications, help in coordinating the IT organization's technical activities to implement and manage security.

The Security Vulnerability Management Analyst is part of the Enterprise Information Technology Services, Information Security and Risk Management team and will work at an enterprise level to ensure a consistent delivery of information security and risk management services with focus on vulnerability management. This individual will act as a subject matter expert in vulnerability management.

Top Skills' Details

1) 10 years of IT experience, with at least 7 years dedicated to IT/Cyber Security, including Solution Design.

2) 3-5+ yrs. Experience with vulnerability scanning tools, preferably Rapid7, Experience with vulnerability and patch assessment and strong knowledge of vulnerability scoring systems (CVSS/CMSS), and security frameworks like OWASP (Open Web Application Security Project), MITRE ATT&CK, Good understanding of Windows and Linux patching

3) 3-5 yrs. Excellent writing and communication skills in order to communicate findings and remediation status and Knowledge of encryption algorithms, known vulnerabilities from alerts, advisories, errata and bulletins.

They will be responsible to:

• Perform vulnerability scans across enterprise including the corporate data centers

• Assess vulnerabilities identified by infrastructure and application scan, penetration testing, etc

• Prioritize remediation of vulnerabilities discovered along with remediation timeline(s)

• Assist in providing support, planning and execution of remediation of vulnerabilities

• Track and document vulnerabilities, create and maintain vulnerability management report(s)

• Attend regular team meetings and facilitate meetings between stakeholders, project leaders, and the Information Technology teams on remediation of vulnerabilities

• Assess vulnerabilities in cloud, containerized, and DevOps environments

• Help improve and automate existing vulnerability management program

• Stay current with vulnerability information across all the products in environment, maintain knowledge of the threat landscape

• Assist in integrating vulnerability management system with third party solutions like ServiceNow and other available products as and when needed

• Work with various stakeholders to identify information asset owners

• Assist in identification of emerging security technologies that can maintain or improve security posture, and implement them as and when required

• Actively engage in security architecture solutioning

• Keep informed on current threats and industry regulations

• Attend regular team, management, and project meetings and provide both verbal and written reports to the Leadership Team as required.

• Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements

• Experience with vulnerability scanning tools, preferably Rapid7

• Experience with vulnerability and patch assessment

• Strong knowledge of vulnerability scoring systems (CVSS/CMSS), and security frameworks like OWASP (Open Web Application Security Project), MITRE ATT&CK

• Good understanding of Windows and Linux patching

• Excellent writing and communication skills in order to communicate findings and remediation status

• Knowledge of network and operating system security

• Knowledge of encryption algorithms, known vulnerabilities from alerts, advisories, errata and bulletins

• Utilize/understand the use of open source tools such as Nmap, Shodan, and Metasploit to identify and confirm vulnerabilities and attack surface

• Be able to create or modify scripts using frameworks such as PowerShell or Python in order to scan for and validate more complex vulnerabilities

• Security architecture experience

• Must possess a high degree of integrity and trust along with the ability to work independently as well as work as part of a fast-moving team

• Strong Knowledge of infrastructure, application and security protocols in addition to configuration management techniques

• Knowledge of network security architecture concepts, including topology, protocols, components, principles (e.g. application of defense-in-depth), and traffic flows across the network (e.g. TCP & TCP/IP, OSI, etc.)

• Experience working with network access, identity, and access management (e.g. Active Directory, access federation, multifactor authentication, PKI)

• Experience working with operating systems (Microsoft Windows, Linux, UNIX, etc)

Additional Skills & Qualifications

• A bachelor's degree in information systems

• CISSP, CISM, GSEC, CEH, or other relevant security qualification

Job Type & Location

This is a Contract position based out of New York, NY.

The pay range for this position is $80.00 - $90.00/hr.

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: • Medical, dental & vision • Critical Illness, Accident, and Hospital • 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available • Life Insurance (Voluntary Life & AD&D for the employee and dependents) • Short and long-term disability • Health Spending Account (HSA) • Transportation benefits • Employee Assistance Program • Time Off/Leave (PTO, Vacation or Sick Leave)

This is a hybrid position in New York,NY.

This position is anticipated to close on Feb 27, 2026.

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

About TEKsystems and TEKsystems Global Services

We’re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We’re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.