Vulnerability Management Analyst- Secret Clearance Required

Remote Full-time
About the position

Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission critical systems for the Department of Defense (DoD) and other commercial customers. You’ll be responsible for identifying, assessing, prioritizing, and tracking remediation of security vulnerabilities across our technology environment. You will partner with infrastructure, application, and security teams to ensure risks are properly understood, addressed, and reported.

Responsibilities
• Perform regular vulnerability scans across cloud, on-prem, application, and endpoint environments.
• Analyze scan results, validate findings, and assign severity based on industry standards (e.g., CVSS), business context, and exploitability.
• Work collaboratively with engineering and operations teams to drive timely remediation of vulnerabilities.
• Monitor external threat intelligence and evaluate emerging vulnerabilities (e.g., zero-days, trending exploits).
• Maintain the vulnerability management platform and improve scanning coverage and accuracy.
• Support patch management processes and ensure alignment with remediation SLAs.
• Assist in developing and refining policies, procedures, and best practices for vulnerability management.
• Participate in incident response efforts when vulnerabilities contribute to active threats.

Requirements
• 7+ years of experience in cybersecurity, vulnerability management, or related fields.
• Hands-on experience with tools such as Tenable, Qualys, Rapid7, OpenVAS, or similar.
• Strong understanding of CVE, CVSS, NIST, CIS benchmarks, and vulnerability classification frameworks.
• Familiarity with cloud platforms (AWS, Azure, GCP)
• Ability to interpret vulnerability findings, identify actual risk, and communicate clearly with technical and non-technical stakeholders.
• Knowledge of patch management practices and change management workflows.
• Understanding of network architecture, security controls, and common attack vectors.
• Excellent analytical and problem-solving skills, with a keen attention to detail.
• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams
• Must be a US citizen

Nice-to-haves
• Relevant certifications (Security+, CySA+, CEH, GSEC, or similar).
• Experience with automation or scripting (Python, PowerShell, Bash).
• Background in secure configuration management, container security, or DevSecOps tooling.
• Knowledge of SIEM or threat detection platforms.

Benefits
• We offer a competitive benefits package, covering the cost of medical for you and your family; we also offer dental, vision, health and wellness benefits and a generous retirement savings plan.
• We believe that our employees can manage their workload and their personal life, therefore we extend a generous PTO policy.
• This allows our employees to balance their lives as they see fit.

Apply tot his job

Apply To this Job

Apply tot his job

Apply To this Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Experienced Data Entry Executive – Ground Operations Agent at careerzynith

Remote

Senior Manager, Data Analytics - Advanced Analytics - Multi Touch Attribution

Remote

Technical Security Delivery Lead

Remote

Senior/Staff Fuse Developer

Remote

Behavioral Health Social Worker - Remote- Remote

Remote

Regional Analyst, North America 12 Month FTC @NET-A-PORTER

Remote

New York Workers' Compensation Customer Service Representative/ IME Scheduler

Remote

QuickBase Developer @ Remote - Remote Role (CST/MST) - C2C / W2 Contract

Remote

Analyst, Sales Operations (Remote- USA)

Remote

Experienced Data Entry Specialist – Remote Work From Home Position | $35/Hour | Content Data Management

Remote
← Back