Vulnerability Scanner Operator Jobs in Maryland (NOW HIRING)

Role Summary

The Lead Vulnerability Management Analyst is responsible for overseeing the identification, assessment, prioritization, and remediation coordination of security vulnerabilities across the organization's technology environment. This role provides technical leadership in vulnerability management operations, partners closely with infrastructure, application, cloud, and security teams, and helps drive continuous improvement of the organization's security posture.

The ideal candidate combines deep technical knowledge of vulnerability management practices with strong leadership, communication, and risk-based decision-making skills.

Responsibilities

• Lead the enterprise vulnerability management program, including vulnerability scanning, analysis, prioritization, reporting, and remediation tracking.
• Review and validate vulnerability scan results from infrastructure, endpoints, applications, containers, cloud platforms, and other technology assets.
• Analyze vulnerabilities for exploitability, business impact, and remediation urgency using risk-based methodologies.
• Partner with IT, engineering, application development, cloud, and infrastructure teams to coordinate remediation activities and reduce risk.
• Establish and maintain vulnerability management processes, standards, procedures, and service level expectations.
• Provide guidance on remediation strategies, compensating controls, and exception handling where immediate remediation is not feasible.
• Monitor emerging threats, zero-day vulnerabilities, and industry advisories to assess organizational exposure and recommend response actions.
• Lead efforts to improve scanning coverage, asset visibility, reporting accuracy, and remediation effectiveness.
• Develop and present metrics, dashboards, and executive-level reporting on vulnerability trends, remediation performance, and risk posture.
• Support internal and external audits, regulatory requirements, and security assessments related to vulnerability management.
• Collaborate with incident response, threat intelligence, security operations, and governance teams to align vulnerability priorities with active threats and business risk.
• Mentor junior analysts and provide technical leadership across vulnerability assessment and remediation efforts.
• Evaluate and optimize vulnerability management tools, integrations, and automation capabilities.

Qualifications

Required:

• Bachelor's degree in Information Security, Computer Science, Information Technology, or related field; or equivalent practical experience.
• 6+ years of experience in cybersecurity, with significant experience in vulnerability management, security operations, or infrastructure/application security.
• Strong understanding of vulnerability assessment tools and platforms such as Tenable, Qualys, Rapid7, or similar solutions.
• Experience analyzing vulnerabilities across operating systems, networks, databases, applications, cloud environments, and containers.
• Knowledge of CVSS, Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and risk-based vulnerability prioritization.
• Familiarity with enterprise operating environments including Windows, Linux, cloud platforms, virtualization, and network technologies.
• Experience working with remediation teams to drive issue resolution in complex enterprise environments.
• Strong written and verbal communication skills, including the ability to explain technical findings to non-technical stakeholders.
• Demonstrated ability to lead initiatives, influence cross-functional teams, and manage competing priorities.

Preferred:

• Relevant certifications such as CISSP, GIAC, Security+, GSEC, GPEN, or similar.
• Experience with cloud security and vulnerability management in AWS, Azure, or Google Cloud environments.
• Familiarity with DevSecOps practices, container security, and CI/CD pipeline scanning.
• Experience with scripting or automation using Python, PowerShell, Bash, or similar languages.
• Knowledge of regulatory and compliance frameworks such as NIST, ISO 27001, CIS Controls, PCI DSS, or SOX.
• Experience with ticketing, workflow, and reporting tools such as ServiceNow, Jira, Power BI, or Tableau.

Key Competencies:

• Technical leadership
• Risk-based decision making
• Analytical problem solving
• Cross-functional collaboration
• Process improvement
• Executive communication
• Attention to detail
• Operational accountability

Success Measures:

• Reduction in critical and high-risk vulnerabilities across the environment
• Improvement in remediation timeliness and SLA performance
• Increased vulnerability scanning coverage and asset visibility
• Quality and clarity of reporting to technical and executive stakeholders
• Strong partnership with infrastructure, engineering, and application teams
• Maturity improvements in the vulnerability management program

FINRA Requirements

FINRA licenses are not required and will not be supported for this role.

Work Flexibility

This role is eligible for hybrid work, with up to three days per week from home.

Important Note: This role typically operates in a hybrid office and remote environment and may require occasional after-hours support for critical vulnerability response activities.