[Remote] security and vulnerability analyst
Note: The job is a remote job and is open to candidates in USA. Recurring Decimal is focused on cloud security and vulnerability management, and they are seeking a Security and Vulnerability Analyst to define and implement secure AWS reference architectures. The role involves managing the vulnerability lifecycle, integrating scanning tools, and automating remediation workflows to improve the organization's security posture.
Responsibilities
• Define and implement secure AWS reference architectures aligned to NIST, CIS, ISO 27001, SOC2, and industry-specific regulations
• Own enterprise cloud vulnerability management lifecycle across EC2, EKS, Lambda, Containers, AMIs, base images
• Integrate scanning tools Qualys / Tenable / Prisma / Wiz / Aqua / Snyk
• Automate remediation workflows using: AWS Systems Manager, Lambda-based automation, CI/CD pipeline integrations
• Track MTTR reduction and drive measurable vulnerability posture improvement
• Lead executive reporting for security posture and risk dashboards
• Own the end-to-end vulnerability management lifecycle, identifying, prioritizing, and remediating vulnerabilities based on risk, exposure, and business impact
• Develop automation scripts (Python/Bash) to streamline scanning, reporting, and patching of vulnerabilities, leveraging tools like Amazon Inspector
• Conduct continuous configuration management and identify 'drift' to prevent security misconfigurations before they are exploited
• Exp with AWS AI services like Bedrock, AgentCore
Skills
• Define and implement secure AWS reference architectures aligned to NIST, CIS, ISO 27001, SOC2, and industry-specific regulations
• Own enterprise cloud vulnerability management lifecycle across EC2, EKS, Lambda, Containers, AMIs, base images
• Integrate scanning tools Qualys / Tenable / Prisma / Wiz / Aqua / Snyk
• Automate remediation workflows using: AWS Systems Manager, Lambda-based automation, CI/CD pipeline integrations
• Track MTTR reduction and drive measurable vulnerability posture improvement
• Lead executive reporting for security posture and risk dashboards
• Own the end-to-end vulnerability management lifecycle, identifying, prioritizing, and remediating vulnerabilities based on risk, exposure, and business impact
• Develop automation scripts (Python/Bash) to streamline scanning, reporting, and patching of vulnerabilities, leveraging tools like Amazon Inspector
• Conduct continuous configuration management and identify 'drift' to prevent security misconfigurations before they are exploited
• Exp with AWS AI services like Bedrock, AgentCore
• Certifications: AWS Certified Security—Specialty, Certified Information Systems Security Professional (CISSP), or Certified Cloud Security Professional (CCSP)
Company Overview
• Recurring Decimal is a privately held company specializing in niche technology skills for specific business needs. It was founded in 2012, and is headquartered in Phoenix, Arizona, USA, with a workforce of 11-50 employees. Its website is https://www.recurringdecimal.com.
Company H1B Sponsorship
• Recurring Decimal has a track record of offering H1B sponsorships, with 6 in 2025, 3 in 2024, 2 in 2023, 1 in 2022, 2 in 2021, 2 in 2020. Please note that this does not guarantee sponsorship for this specific role.
Apply tot his job
Apply To this Job
Responsibilities
• Define and implement secure AWS reference architectures aligned to NIST, CIS, ISO 27001, SOC2, and industry-specific regulations
• Own enterprise cloud vulnerability management lifecycle across EC2, EKS, Lambda, Containers, AMIs, base images
• Integrate scanning tools Qualys / Tenable / Prisma / Wiz / Aqua / Snyk
• Automate remediation workflows using: AWS Systems Manager, Lambda-based automation, CI/CD pipeline integrations
• Track MTTR reduction and drive measurable vulnerability posture improvement
• Lead executive reporting for security posture and risk dashboards
• Own the end-to-end vulnerability management lifecycle, identifying, prioritizing, and remediating vulnerabilities based on risk, exposure, and business impact
• Develop automation scripts (Python/Bash) to streamline scanning, reporting, and patching of vulnerabilities, leveraging tools like Amazon Inspector
• Conduct continuous configuration management and identify 'drift' to prevent security misconfigurations before they are exploited
• Exp with AWS AI services like Bedrock, AgentCore
Skills
• Define and implement secure AWS reference architectures aligned to NIST, CIS, ISO 27001, SOC2, and industry-specific regulations
• Own enterprise cloud vulnerability management lifecycle across EC2, EKS, Lambda, Containers, AMIs, base images
• Integrate scanning tools Qualys / Tenable / Prisma / Wiz / Aqua / Snyk
• Automate remediation workflows using: AWS Systems Manager, Lambda-based automation, CI/CD pipeline integrations
• Track MTTR reduction and drive measurable vulnerability posture improvement
• Lead executive reporting for security posture and risk dashboards
• Own the end-to-end vulnerability management lifecycle, identifying, prioritizing, and remediating vulnerabilities based on risk, exposure, and business impact
• Develop automation scripts (Python/Bash) to streamline scanning, reporting, and patching of vulnerabilities, leveraging tools like Amazon Inspector
• Conduct continuous configuration management and identify 'drift' to prevent security misconfigurations before they are exploited
• Exp with AWS AI services like Bedrock, AgentCore
• Certifications: AWS Certified Security—Specialty, Certified Information Systems Security Professional (CISSP), or Certified Cloud Security Professional (CCSP)
Company Overview
• Recurring Decimal is a privately held company specializing in niche technology skills for specific business needs. It was founded in 2012, and is headquartered in Phoenix, Arizona, USA, with a workforce of 11-50 employees. Its website is https://www.recurringdecimal.com.
Company H1B Sponsorship
• Recurring Decimal has a track record of offering H1B sponsorships, with 6 in 2025, 3 in 2024, 2 in 2023, 1 in 2022, 2 in 2021, 2 in 2020. Please note that this does not guarantee sponsorship for this specific role.
Apply tot his job
Apply To this Job