We are seeking a Vulnerability Management, Tenable/Nessus & Metrics Analyst to support vulnerability management, security metrics, remediation tracking, and dashboard reporting in a federal ...
We are seeking a Vulnerability Management, Tenable/Nessus & Metrics Analyst to support vulnerability management, security metrics, remediation tracking, and dashboard reporting in a federal ...
Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment ... Translate technical vulnerability findings into risk-based language for federal clients and ...
Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment ... Translate technical vulnerability findings into risk-based language for federal clients and ...
Vulnerability Analyst
Charleston, WV · Remote
$80K - $134K/yr
Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment ... Translate technical vulnerability findings into risk-based language for federal clients and ...
Quick apply
Vulnerability Analyst
Charleston, WV · Remote
$80K - $134K/yr
Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment ... Translate technical vulnerability findings into risk-based language for federal clients and ...
Threat vulnerability Management and reporting Consultant Remote • Responsible for working with individual teams and SLOs in managing threat mitigation for operating systems, third party software ...
Threat vulnerability Management and reporting Consultant Remote • Responsible for working with individual teams and SLOs in managing threat mitigation for operating systems, third party software ...
We are seeking a Vulnerability Management, Tenable/Nessus & Metrics Analyst to support vulnerability management, security metrics, remediation tracking, and dashboard reporting in a federal ...
We are seeking a Vulnerability Management, Tenable/Nessus & Metrics Analyst to support vulnerability management, security metrics, remediation tracking, and dashboard reporting in a federal ...
Role Summary We are seeking a Vulnerability Management engineer to join our team as both a ... This role is eligible for remote work anywhere in the US. Company Overview: UKG is the Workforce ...
Role Summary We are seeking a Vulnerability Management engineer to join our team as both a ... This role is eligible for remote work anywhere in the US. Company Overview: UKG is the Workforce ...
This position is remote and offers benefits ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
This position is remote and offers benefits ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
Project Coordinator / IT Analyst - REMOTE
Schaumburg, IL · On-site +1
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
Project Coordinator / IT Analyst - REMOTE
Schaumburg, IL · On-site +1
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
Raritan, NJ 08869 / REMOTE * Implement capabilities for a global Vulnerability Management program: internal/external exposure, imminent threats, prioritization, remediation facilitation. * Serve as ...
Quick apply
Raritan, NJ 08869 / REMOTE * Implement capabilities for a global Vulnerability Management program: internal/external exposure, imminent threats, prioritization, remediation facilitation. * Serve as ...
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
This position is remote and offers benefits! Responsibilities ... Review and configure Tenable Vulnerability Management for accurate vulnerability identification and ...
Vulnerability Engineer - Remote / Telecommute
Eden Prairie, MN · Remote
$50/hr
Requirement/Must Have: * 1+ years of experience in vulnerability management. * Strong verbal and written communication skills. * Ability to communicate effectively with stakeholders. Responsibilities:
Quick apply
Vulnerability Engineer - Remote / Telecommute
Eden Prairie, MN · Remote
$50/hr
Requirement/Must Have: * 1+ years of experience in vulnerability management. * Strong verbal and written communication skills. * Ability to communicate effectively with stakeholders. Responsibilities:
Information Security Manager (ISM) - Remote US
Irving, TX · On-site +1
Microsoft Defender Vulnerability Management * Understanding of security controls across ... The starting pay range for this remote role is $116,000- $226,000. This range reflects the minimum ...
Information Security Manager (ISM) - Remote US
Irving, TX · On-site +1
Microsoft Defender Vulnerability Management * Understanding of security controls across ... The starting pay range for this remote role is $116,000- $226,000. This range reflects the minimum ...
Microsoft Defender Vulnerability Management * Understanding of security controls across ... The starting pay range for this remote role is $116,000- $226,000. This range reflects the minimum ...
Microsoft Defender Vulnerability Management * Understanding of security controls across ... The starting pay range for this remote role is $116,000- $226,000. This range reflects the minimum ...
Microsoft Defender Vulnerability Management * Understanding of security controls across ... The starting pay range for this remote role is $116,000- $226,000. This range reflects the minimum ...
Microsoft Defender Vulnerability Management * Understanding of security controls across ... The starting pay range for this remote role is $116,000- $226,000. This range reflects the minimum ...
... Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award. Job Summary BMA is seeking a Task Order Project Manager (TOPM) to support our DLA ...
... Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award. Job Summary BMA is seeking a Task Order Project Manager (TOPM) to support our DLA ...
Task Order Project Manager (59904)
Fort Myer, VA · On-site +1
... Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award. Job Summary BMA is seeking a Task Order Project Manager (TOPM) to support our DLA ...
Task Order Project Manager (59904)
Fort Myer, VA · On-site +1
... Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award. Job Summary BMA is seeking a Task Order Project Manager (TOPM) to support our DLA ...
Cybersecurity Operations Analyst II (Chicagoland Remote Only)
La Grange Park, IL · Remote
$95K - $105K/yr
Experience administering endpoint protection, vulnerability management, security logging/SIEM, and ... Remote Work Environment Requirements: * Dedicated, quiet workspace free from distractions to ...
Quick apply
Cybersecurity Operations Analyst II (Chicagoland Remote Only)
La Grange Park, IL · Remote
$95K - $105K/yr
Experience administering endpoint protection, vulnerability management, security logging/SIEM, and ... Remote Work Environment Requirements: * Dedicated, quiet workspace free from distractions to ...
Cybersecurity Operations Analyst II (Chicagoland Remote Only)
La Grange Park, IL · Remote
$95K - $105K/yr
Experience administering endpoint protection, vulnerability management, security logging/SIEM, and ... Remote Work Environment Requirements: * Dedicated, quiet workspace free from distractions to ...
Quick apply
Cybersecurity Operations Analyst II (Chicagoland Remote Only)
La Grange Park, IL · Remote
$95K - $105K/yr
Experience administering endpoint protection, vulnerability management, security logging/SIEM, and ... Remote Work Environment Requirements: * Dedicated, quiet workspace free from distractions to ...
Remote Vulnerability Management information
See salary details
$33.5K - $46.3K
1% of jobs
$46.3K - $59K
0% of jobs
$59K - $71.8K
0% of jobs
$71.8K - $84.6K
0% of jobs
$84.6K - $97.4K
4% of jobs
$109.3K is the 25th percentile. Wages below this are outliers.
$97.4K - $110.1K
21% of jobs
$110.1K - $122.9K
15% of jobs
The median wage is $132.8K / yr.
$122.9K - $135.7K
12% of jobs
$135.7K - $148.5K
14% of jobs
$148.5K - $161.2K
7% of jobs
$161.9K is the 75th percentile. Wages above this are outliers.
$161.2K - $174K
26% of jobs
$33.5K
$137.7K
$174K
How much do remote vulnerability management jobs pay per year?
What are some typical challenges faced in a Remote Vulnerability Management role?
Professionals in Remote Vulnerability Management often encounter challenges such as coordinating remediation efforts across global teams, prioritizing vulnerabilities in large, complex environments, and keeping up with rapidly evolving cyber threats. Working remotely also requires proactive communication to ensure all stakeholders stay informed and aligned on security initiatives. You will need to adapt to different IT infrastructures and collaborate effectively with both technical and non-technical colleagues. Successfully navigating these challenges builds your problem-solving skills and deepens your expertise in protecting organizational assets.
What is a Remote Vulnerability Management job?
A Remote Vulnerability Management job involves identifying, assessing, and mitigating security vulnerabilities in an organization's systems, networks, and applications from a remote location. Professionals in this role use various tools to scan for weaknesses, analyze risks, and collaborate with IT and security teams to implement remediation measures. They also monitor threat intelligence, ensure compliance with security policies, and generate reports on findings. Strong knowledge of cybersecurity frameworks, vulnerability assessment tools, and risk management is crucial for success in this role.
What are the key skills and qualifications needed to thrive in the Remote Vulnerability Management position, and why are they important?
To thrive in Remote Vulnerability Management, you need a solid understanding of cybersecurity principles, vulnerability assessment, and risk mitigation, often supported by a degree in information security or related certifications such as CompTIA Security+ or CISSP. Familiarity with vulnerability scanning tools like Nessus, Qualys, or Rapid7, as well as experience with SIEM platforms and ticketing systems, is essential. Strong analytical skills, problem-solving abilities, and effective written communication are critical for collaborating with distributed teams and reporting findings. These skills ensure accurate identification, remediation of security risks, and smooth teamwork in a remote, fast-paced digital environment.
Full-time
Re-posted 6 days ago
Job description
We are seeking a Vulnerability Management, Tenable/Nessus & Metrics Analyst to support vulnerability management, security metrics, remediation tracking, and dashboard reporting in a federal technology environment. This role is designed for an analyst with approximately 1-3 years of relevant experience who can work hands-on with Tenable/Nessus data, Excel, Power BI, iPost exports, ticketing records, and remediation evidence. The analyst will help identify affected systems, validate findings, track remediation ownership, monitor KEVs and Critical/High vulnerabilities, reconcile data across sources, and support leadership reporting. The role should be positioned as an execution and coordination role. The analyst will not be expected to own enterprise security operations, perform all production patch deployments, or act as the ISSO. The analyst will support TIOCA Security and product/application teams by making vulnerability data accurate, actionable, and reportable.
Primary Responsibilities:
- Tenable/Nessus Vulnerability Analysis, Ad Hoc Scanning, and Native Dashboards
- Perform and Review Tenable/Nessus scan exports and dashboards to identify affected assets, plugins, CVEs, severity, first-seen dates, last-seen dates, plugin output, vulnerability age, and remediation guidance.
- Run approved ad hoc Tenable/Nessus scans when requested by TIOCA Security, product teams, ISSO, or leadership, using approved scan templates, credentialed scan profiles, scan windows, and target lists.
- Create and maintain Tenable/Nessus native dashboards, saved views, reports, filters, asset groups/tags where permitted, and recurring exports for KEVs, Critical/High findings, stale findings, aging, ownership, and validation status.
- Monitor scan jobs, confirm scan completion, export results, identify scan failures or credential issues, and escalate scan coverage or authentication problems to senior security staff or platform administrators.
- Help validate whether findings are true positives, duplicates, stale/residual artifacts, configuration issues, missing patches, unsupported software, or application dependencies.
- Track KEV status, Critical/High vulnerabilities, exploitable findings, internet-facing risk indicators if available, and vulnerabilities tied to DOS or federal remediation timelines.
- Use Tenable/Nessus evidence to support ownership assignment, remediation planning, retest validation, and closure evidence.
- Reconcile Tenable/Nessus data against iPost, ServiceNow/CA ServiceDesk, Jira, POA&M trackers, Excel files, SharePoint trackers, and remediation evidence.
- Escalate unclear Tenable/Nessus findings to senior security staff, system owners, application teams, SO/Windows Services, infrastructure, database teams, or ISSO stakeholders for ownership decisions.
- Operate within approved rules of engagement. The role may run authorized ad hoc scans and build Tenable reports, but is not expected to be the enterprise Tenable platform administrator or final approver for scan policy changes.
- Vulnerability Management Lifecycle Support
- Support the vulnerability lifecycle: intake, triage, validation, ownership assignment, prioritization, remediation tracking, retest support, closure evidence collection, and recurrence monitoring.
- Track KEVs, Critical/High vulnerabilities, EOL/EOS software, iPost findings, POA&M-related findings, patch findings, application-impacting vulnerabilities, and blocked remediation items.
- Identify remediation path options such as patching, software upgrade, dependency upgrade, configuration change, file removal, compensating control, risk acceptance, or decommissioning.
- Document blockers, stale findings, aging risk, unclear ownership, cross-team dependencies, and evidence gaps.
- Help maintain action trackers with owners, due dates, next steps, escalation status, and evidence status.
- Support weekly vulnerability review meetings, Critical/High/KEV response sessions, POA&M reviews, and monthly reporting cycles.
- Metrics, Reporting, and Power BI Dashboarding
- Build and maintain basic to intermediate Power BI dashboards and Excel-based reports for vulnerability posture, Tenable/Nessus findings, iPost/Tenable reconciliation, patch compliance, aging, ownership, and closure evidence.
- Build Tenable/Nessus-native dashboards and reports in addition to Power BI, including saved filters/views for KEVs, Critical/High findings, assets by owner, scan coverage, authentication failures, stale findings, aging, and remediation validation.
- Create report views for open findings by severity, KEV status, application/system, owner/team, age, due date, remediation status, and blocked status.
- Support recurring reports for KEVs, Critical/High findings, EOL/EOS software, Tenable/iPost mismatches, findings awaiting validation, overdue findings, closure trends, and executive summary snapshots.
- Use Power Query, data cleaning steps, relationships, filters, slicers, basic DAX measures, and refresh procedures to make reports repeatable.
- Document KPI definitions, data sources, refresh cadence, report assumptions, ownership rules, and known data-quality limitations.
- Convert technical vulnerability data into clear status reporting that shows risk, owner, due date, blocker, evidence, and decision needed.
- Coordination and Evidence Support
- Coordinate with TIOCA Security, TIOCA Dev/Product teams, SO/Windows Services, production infrastructure, database teams, cloud teams, ISSO teams, and government stakeholders to track remediation through closure.
- Collect and organize closure evidence such as rescans, version checks, ticket notes, screenshots, deployment records, release notes, POA&M artifacts, iPost/Tenable updates, and ISSO validation evidence.
- Help distinguish between product/application responsibilities and production/server-level responsibilities so findings are assigned to the correct owner.
- Support tracking where SO or shared infrastructure owns deployment but TIOCA needs application validation, evidence, or product-owner input.
- Help maintain SOPs, RACI notes, dashboard metric definitions, and remediation workflow documentation.
Required Qualifications:
- 1-3 years of experience in cybersecurity operations, vulnerability management, security operations, cyber GRC, IT operations, application support, or related technical/security work.
- Hands-on exposure to Tenable/Nessus vulnerability data, including plugins, CVEs, severity, affected assets, plugin output, first-seen/last-seen dates, and remediation guidance.
- Ability to run authorized ad hoc Tenable/Nessus scans using approved scan templates, target lists, credentials, scan windows, and documented rules of engagement.
- Ability to create or maintain Tenable/Nessus dashboards, saved filters, reports, and exports for vulnerability review and remediation tracking.
- Ability to work with vulnerability exports from Tenable/Nessus and organize findings in Excel, Power BI, SharePoint, Jira, ServiceNow/CA ServiceDesk, or similar tools.
- Working understanding of vulnerability management concepts such as severity, KEV, CVE, false positive, remediation evidence, rescan validation, aging, ownership, dependencies, risk acceptance, and due dates.
- Intermediate Power BI or reporting experience, including data imports, transformations, tables, charts, filters, slicers, and dashboard maintenance.
- Strong Excel skills, including filtering, lookups, pivots, conditional formatting, data cleanup, and comparison across exports.
- Ability to communicate clearly with technical teams and non-technical stakeholders about finding status, blockers, evidence, and next steps.
- Strong attention to detail and willingness to reconcile messy data across multiple sources.
- Familiarity with iPost, Tenable/Nessus, ServiceNow, Jira, ServiceDesk, SharePoint, Power BI, Splunk, or similar reporting/security tools.
- Exposure to application development, product teams, DevSecOps, SAST, SCA, DAST, container scanning, secrets scanning, or SBOM tooling.
- Experience tracking EOL/EOS software, patch compliance, POA&M aging, remediation exceptions, risk acceptance, or closure evidence.
Preferred Qualifications
- Experience supporting federal government cybersecurity programs or regulated environments.
- Familiarity with NIST SP 800-53, RMF, A&A, ATO, POA&M tracking, CISA KEV, BOD 22-01, FedRAMP, or federal vulnerability remediation expectations.
- Exposure to application development, product teams, DevSecOps, SAST, SCA, DAST, container scanning, secrets scanning, or SBOM tooling.
- Basic understanding of Windows Server, Windows workstation, .NET Framework, Java JRE, SQL Server, browser updates, endpoint agents, and common enterprise patching concepts.
About InstantServe
Sourced by ZipRecruiter
InstantServe provides a one-stop solution to all Healthcare, IT/Non-IT Staffing needs. Established in 2016, InstantServe is a strong workforce of over 100+ go-getters with a demonstrated background in IT/Non-IT service. We are a nationally certified SBE from the Department of Administration (State of PA). As a proud Minority Woman Owned Small Business Enterprise (M/WBE), InstantServe boasts of a strong team of professionals who have extensive experience catering to several Federal, Public, Commercial, and Healthcare Clients which includes 26 States and 46 government agencies. InstantServe is a client-centric organization that offers cost-effective and reliable solutions. Client satisfaction is sacrosanct! Our team strives to provide the best staffing and IT solutions to take your business to the next level.
Industry
Recruiting and staffing services
Company size
11 - 50 Employees
Headquarters location
Wayne, PA, US
Year founded
2016