Vulnerability Analyst - Remote

Overview

cFocus Software seeks a Vulnerability Analyst to join our program supporting the Department of Health and Human Services (HHS). This position is remote and requires the ability to obtain a Public Trust clearance.

In Short

• Perform daily and ad hoc vulnerability scans across various systems.
• Analyze scan results to assess risk and provide remediation guidance.
• Maintain operational health of vulnerability scanning tools.
• Coordinate with vendors and teams to resolve tool-related issues.
• Support penetration testing and application security testing activities.
• Integrate automated vulnerability testing into CI/CD pipelines.
• Develop vulnerability dashboards and reports for stakeholders.
• Support incident response activities with vulnerability data.
• Maintain SLAs for vulnerability scanning requests.
• Develop and maintain SOPs and technical documentation.

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, or related field.
• 5–7 years of experience in vulnerability management or security operations.
• Strong understanding of NIST SP 800-53, SP 800-30, SP 800-137.
• Experience in federal environments.
• Familiarity with secure configuration standards (DISA STIGs, CIS Benchmarks).
• Strong analytical, documentation, and communication skills.
• Relevant cybersecurity certifications (CEH, Security+, CISSP, GIAC).

Benefits

• Remote work flexibility.
• Opportunities for professional development.
• Supportive team environment.
• Engagement with critical federal projects.
• Competitive salary and benefits package.