ZipRecruiter

Log In

1

Assistant Vulnerability Management Jobs (NOW HIRING)

Scalence L.L.C.

Vulnerability Analyst

Burlington, MA · On-site

... management and working closely with various teams. Responsibilities : • Perform vulnerability ... • Assist in implementing vulnerability patches and security updates across systems and ...

next page

Showing results 1-20

All JobsAssistant Vulnerability Management Jobs

Assistant Vulnerability Management information

See salary details

$29K

$48.4K

$69.5K

How much do assistant vulnerability management jobs pay per year?

As of Jun 25, 2026, the average yearly pay for assistant vulnerability management in the United States is $48,396.00, according to ZipRecruiter salary data. Most workers in this role earn between $42,000.00 and $48,500.00 per year, depending on experience, location, and employer.

What is the difference between Assistant Vulnerability Management vs Security Analyst?

AspectAssistant Vulnerability ManagementSecurity Analyst
CertificationsCompTIA Security+, Certified Ethical Hacker (CEH) (preferred)CompTIA Security+, CISSP, CEH
Work EnvironmentSupport team, IT security departmentSecurity operations center, IT security team
ResponsibilitiesAssist in vulnerability scans, document findings, support remediationAnalyze security threats, investigate incidents, implement security measures

Assistant Vulnerability Management roles focus on supporting vulnerability assessments and remediation efforts, often working under supervision. Security Analysts have a broader scope, analyzing threats, investigating security incidents, and implementing security strategies. Both roles require similar certifications and work within IT security teams, but Security Analysts typically have more advanced responsibilities and decision-making authority.

More about Assistant Vulnerability Management jobs
What cities are hiring for Assistant Vulnerability Management jobs? Cities with the most Assistant Vulnerability Management job openings:
What are the most commonly searched types of Vulnerability Management jobs? The most popular types of Vulnerability Management jobs are:
What states have the most Assistant Vulnerability Management jobs? States with the most job openings for Assistant Vulnerability Management jobs include:
What job categories do people searching Assistant Vulnerability Management jobs look for? The top searched job categories for Assistant Vulnerability Management jobs are:
Assistant Vulnerability Management jobs near you
Infographic showing various Assistant Vulnerability Management job openings in the United States as of June 2026, with employment types broken down into 20% As Needed, 20% Full Time, 20% Temporary, and 40% Contract. Highlights an 85% Physical, 5% Hybrid, and 10% Remote job distribution, with an average salary of $48,396 per year, or $23.3 per hour.
Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring)

Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring)

SecuriGence

Oakton, VA • On-site

Full-time

Posted 19 days ago

Job description

Overview
Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring)
Oakton, VA
Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer's core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!
SecuriGence delivers essential technology services supporting critical national security missions. We are seeking a Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring) to support Department of Defense (DoD) cybersecurity operations by executing vulnerability management, security compliance, and Continuous Monitoring (ConMon) activities in accordance with the Risk Management Framework (RMF). This role is responsible for identifying, assessing, prioritizing, and tracking vulnerabilities using enterprise tools, ensuring compliance with Security Technical Implementation Guides (STIGs), and responding to Information Assurance Vulnerability Alerts (IAVAs).
Responsibilities
  • Vulnerability Management
    • Perform vulnerability scanning using Assured Compliance Assessment Solution (ACAS) (e.g., Tenable.sc / Nessus).
    • Enforcing the ACAS best practice guide requirements when performing vulnerability scans in ACAS
    • Analyze scan results to identify vulnerabilities, misconfigurations, and compliance gaps.
    • Validate findings against the latest released DISA STIGs and applicable security baselines.
    • Review of provided checklists and working with system admins in identifying gaps for POA&M creation.
    • Assess and track vulnerabilities in accordance with DoD timelines and risk severity.
    • Correlate vulnerabilities with IAVA/IAVM notices and ensure timely remediation or mitigation.
    • Develop and maintain Plan of Action and Milestones (POA&M) documentation.
    • Maintenance of Risk Acceptance (RA) POA&M items within SOR (System of Record) and coordinating with System administrators to validate that RA is required instead of a POA&M.
  • STIG Compliance & Hardening
    • Apply and validate Security Technical Implementation Guides (STIGs) across operating systems, applications, and network devices.
    • Conduct manual and automated STIG compliance checks using tools such as ACAS Audit checks, STIG Viewer, SCAP Compliance Checker (SCC), and Evaluate-STIG.
    • Document compliance status and provide remediation guidance to system administrators.
    • Support system hardening efforts aligned with DoD baseline configurations.
    • Ensure that golden images are maintained for Servers (RHEL and Windows) and Workstations following STIG guidance.
  • IAVA/IAVM Management
    • Monitor and assess Information Assurance Vulnerability Alerts (IAVAs) and Bulletins (IAVBs).
    • Determine system applicability and operational impact.
    • Coordinate remediation actions and track compliance deadlines.
    • Maintain IAVA compliance reporting and documentation for audits.
  • Continuous Monitoring (ConMon)
    • Execute Continuous Monitoring activities in accordance with RMF Step 6.
    • Monitor security controls for effectiveness and ongoing compliance.
    • Conduct control assessments and assist with periodic security reviews.
    • Support automated and manual data collection for ConMon dashboards and reporting.
    • Identify trends, recurring issues, and systemic risks across systems.
  • RMF & Compliance Support
  • Support RMF activities across all six steps, with emphasis on:
    • Control implementation validation
    • Security control assessment support
    • Ongoing authorization (ATO sustainment)
  • Update and maintain RMF artifacts, including:
    • System Security Plan (SSP)
    • Security Assessment Report (SAR)
    • Plan of Action and Milestones (POA&M)
    • Security Assessment Plan (SAP)
  • Map vulnerabilities and findings to NIST SP 800-53 controls.
  • Reporting & Documentation
    • Generate vulnerability and compliance reports for leadership and Authorizing Officials (AOs).
    • Provide risk-based recommendations and remediation strategies.
    • Maintain audit-ready documentation in accordance with DoD and agency requirements
  • Other duties as assigned

Qualifications
  • High school diploma or GED equivalent
  • 5+ years of experience in DoD cybersecurity or RMF-based environments
  • Hands-on experience with:
    • ACAS (Nessus / Tenable.sc)
    • STIG implementation and validation
    • IAVA/IAVM processes
    • Experience with vulnerability assessment, risk analysis, and remediation tracking.
  • DoD 8570/8140 Compliance: Must meet IAT Level II requirements (e.g., Security+)
  • Active DoD Top Secret clearance with SCI eligibility.

Knowledge, Skills, and Abilities:
  • Strong understanding of:
    • DoD RMF (DoDI 8510.01)
    • NIST SP 800-53 security controls
  • Ability to manage multiple systems and priorities in a regulated environment
  • Strong analytical and problem-solving skills
  • Attention to detail and compliance rigor
  • Ability to translate technical risk into mission impact
  • Effective communication with technical and non-technical stakeholders
  • Relevant certifications:
    • Certified Information Systems Security Professional (CISSP)
    • Certified Ethical Hacker (CEH) or equivalent
    • DISA ACAS Training Certificate
  • Experience with:
    • ACAS
    • SCAP Compliance Checker (SCC) / Evaluate-STIG
    • STIG Viewer
    • eMASS, Xacta
    • Trellix, MDE
    • Splunk, Elastic
  • Familiarity with scripting (e.g., PowerShell, Python) for automation.
  • Experience in enterprise-level ConMon programs or NOSC/SOC environments.

How you'll grow
At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn.
We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.
Benefits
At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.
Learn more about what working at Chenega MIOS can mean for you.
Chenega MIOS's culture
Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives.
Corporate citizenship
Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.
Learn more about Chenega's impact on the world.
Chenega MIOS News- https://chenegamios.com/news/
Tips from your Talent Acquisition Team
We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links:
Chenega MIOS web site - www.chenegamios.com
Glassdoor - https://www.glassdoor.com/Overview/Working-at-Chenega-MIOS-EI_IE369514.11,23.htm
LinkedIn - https://www.linkedin.com/company/1472684/
Facebook - https://www.facebook.com/chenegamios/

Apply