Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Risk and Vulnerability Analyst II

Revolutional

Revolutional delivers advanced technology solutions and mission support to federal agencies across civilian, health, and national security environments. We apply modern capabilities, including AI/ML, cloud, cybersecurity, and IT modernization to solve complex challenges, enable faster and more secure operations, and drive measurable mission outcomes. We are redefining how federal technology gets built and delivered by operating with a product mindset, prioritizing speed, ownership, and execution over bureaucracy. Title: Risk and Vulnerability Analyst II Location: Washington, DC or Chandler, AZ Terms: Full-time Clearance: Secret eligibility required Travel: 0-20% As a Risk and Vulnerability Analyst II at Revolutional, you own the scanning and vulnerability identification pipeline across a large‑scale federal enterprise. You run ad hoc and automated scans across operating systems, databases, web applications, cloud environments, and APIs — and you do it with the precision and consistency that compliance‑driven federal programs demand. You are technically skilled and operationally reliable. You troubleshoot scanning issues before they become coverage gaps, automate what can be automated, and produce findings that give security teams and leadership an accurate picture of enterprise risk. You are organized, customer‑focused, and understand that vulnerability management is a service function as much as a technical one. Responsibilities Execute ad hoc and automated vulnerability scans across operating systems, databases, and web applications using industry‑accepted scanning tools Conduct cloud compliance scans across federal and commercial cloud environments; troubleshoot scanning configuration issues and ensure continuous coverage Perform on‑site scanning operations as required, coordinating with system owners and network teams to maintain scan fidelity and minimize operational impact Execute Information Security Vulnerability Management (ISVM) scans and ensure results align with compliance requirements and program reporting standards Conduct API discovery and scanning to identify undocumented or unsecured API endpoints across the enterprise environment Develop and maintain scanning automation to improve coverage, consistency, and efficiency across the vulnerability management program Triage and validate scan findings; differentiate true positives from false positives and prioritize results based on risk and asset criticality Track vulnerability findings through the remediation lifecycle; coordinate with system owners and security teams to ensure timely closure Produce clear, accurate vulnerability reports and compliance dashboards for technical teams and program leadership Maintain scanning tool configurations, credentials, and schedules; ensure tooling remains current and aligned with the evolving enterprise asset inventory Support continuous monitoring requirements and contribute to FISMA compliance reporting as it relates to vulnerability management What You Bring (Requirements) Baseline Requirements Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience) 3 to 5 years of security‑related experience with a focus on vulnerability management and scanning operations Secret eligibility required Technical & Domain Capabilities Hands‑on experience with industry‑accepted vulnerability scanning tools (e.g., Tenable Nessus, Qualys, Rapid7, or equivalent) for OS, database, and web application scanning Experience conducting cloud compliance scans across commercial or GovCloud environments Experience with on‑site scanning operations and troubleshooting scanning‑related issues including authentication, network access, and tool configuration Experience with ISVM scans and federal vulnerability management compliance requirements Experience with API discovery and scanning methodologies and tools Demonstrated ability to automate scanning workflows using scripting, scheduling tools, or platform‑native automation capabilities Familiarity with vulnerability scoring frameworks (CVSS) and risk‑based prioritization of findings Understanding of federal security compliance requirements including FISMA and NIST RMF as they apply to vulnerability management Core Strengths Highly organized: you manage multiple scan schedules, asset inventories, and remediation tracks simultaneously without dropping coverage Customer‑service oriented — you work collaboratively with system owners and technical teams, not around them Detail‑oriented with strong documentation habits; your scan configurations and findings are reproducible and audit‑ready Problem‑solver who troubleshoots scanning issues independently and doesn’t wait for perfect conditions to maintain coverage Nice to Have (Differentiators) Vulnerability management certifications: Tenable Certified Security Associate, Qualys Certified Specialist, or equivalent platform certification Security certifications: CompTIA Security+, CySA+, or equivalent Experience with vulnerability management in a federal civilian or defense environment Familiarity with SCAP (Security Content Automation Protocol) and STIG compliance scanning Experience integrating vulnerability scan data into SIEM platforms or risk dashboards Background in API security testing or web application vulnerability assessment Active Secret clearance Benefits Traditional and HSA‑eligible medical insurance plans 100% employer‑paid dental and vision insurance options 100% employer‑sponsored STD, LTD, and life insurance 5% 401(k) company matching Flexible‑schedules and teleworking options Paid holidays and PTO Accrual Plans Paid Parental Leave Professional development and career growth opportunities Team and company‑wide events, recognition, and appreciation Revolutional is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Revolutional does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans. To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contact View email address on click.appcast.io. #J-18808-Ljbffr Revolutional

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Risk and Vulnerability Analyst II in Washington DC vacancy
  • Revolutional is looking for a Risk and Vulnerability Analyst II in Washington, DC. You will lead vulnerability scanning efforts across a large-scale federal enterprise, ensuring compliance and security across various systems. The ideal candidate has 3 to 5 years of experience... 
    Risk
    Remote job
    Full time
    Flexible hours

    Revolutional

    Washington DC
    3 days ago
  • $140.5k - $210.5k

    Sr. Cybersecurity Analyst II (Sr Vulnerability Analyst) - Information Technology Primary Location: DC‑Washington Employee Status: Regular Overtime...  ...and compromises; author project plans, schedules, and risk assessments. Qualifications Minimum Education: Bachelor’s... 
    Risk
    Work at office
    Relocation

    Federal Reserve System

    Washington DC
    4 days ago
  •  ...leadership, and trusted results to enable national security missions worldwide. Job Description Overview SOSi is seeking a Risk and Vulnerability Analyst II to support vulnerability assessment and risk analysis activities in alignment with our customer. This role is... 
    Risk
    Contract work
    Work at office
    Worldwide
    Monday to Friday
    Weekend work
    Afternoon shift

    SOSi

    Washington DC
    3 days ago
  • A leading technology and services integrator in Washington is seeking a Risk and Vulnerability Analyst II to support its vulnerability assessment and risk analysis activities. The role includes conducting vulnerability scanning, troubleshooting scan issues, and improving... 
    Risk
    Contract work
    Weekend work
    Afternoon shift

    SOSi

    Washington DC
    3 days ago
  • $140.5k - $210k

     ...adequately protected. Able to characterize and manage complex risks to mitigate cyber threats. With limited guidance, proactively...  ...containment, eradication, and remediation. Oversees implementation of vulnerability scans and ensures operational systems are adequately patched... 
    Risk
    Full time
    Work at office

    Federal Reserve Board

    Washington DC
    4 days ago
  • Watermark Risk Management International, LLC is seeking an Information Systems Security Officer II to support DoD and government contracting environments in Washington, DC. The role focuses on ensuring proper authorization packages, maintaining security documentation,... 
    Risk

    Watermark Risk Management International, LLC

    Washington DC
    3 days ago
  •  ...dedication to excellence.     This candidate will execute vulnerability identification, scanning, analysis, and coordination to reduce...  ...on-site scanning as required. Analyze findings, prioritize risk, and track remediation progress. Troubleshoot scanning... 
    Risk
    Work at office

    True Zero Technologies

    Washington DC
    2 days ago
  • $87.1k - $157.45k

     ...Leidos has a career opportunity for a Vulnerability Management Analyst to support the Air Force National Capital...  ...to help identify potential CAT I/II/III findings, false positives, and basic...  ...knowledge of DISA STIGs, vulnerability risk levels, and POA&M remediation... 
    Risk
    Work at office
    Local area
    Immediate start
    Worldwide

    Leidos

    Suitland, MD
    3 days ago
  • $97.24k - $131.56k

     ...Required: None Job Family: Cyber and IT Risk Management Job Description: The ISSO is...  ...assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the...  ...Certifications: ~ IAT Level II or IAM Level II (Security+ CE, CCNA Security... 
    Risk
    Full time
    Temporary work
    Part time
    Work at office
    Immediate start
    Remote work
    Worldwide
    Flexible hours

    General Dynamics

    Washington DC
    2 days ago
  •  ...DHS Information System Security Officer II Location: NCR Clearance: TS/SCI OneZero...  ...Act (FISMA) compliance, execution of the Risk Management Framework (RMF) process to achieve...  ...of security assessments, audits, and vulnerability management programs, identifying and mitigating... 
    Risk
    Full time
    Contract work
    Work at office

    OneZero Solutions

    Washington DC
    3 days ago
  • $97.24k - $118.56k

    Information Systems Security Officer II Responsibilities Assist the ISSM in meeting...  ...assessment plans Identify cyber security vulnerabilities and assist with the implementation of the...  ...federal, state, and local laws. #J-18808-Ljbffr Watermark Risk Management International, LLC
    Risk
    Hourly pay
    Contract work
    For contractors
    Work experience placement
    Local area

    Watermark Risk Management International, LLC

    Washington DC
    3 days ago
  •  ...Information System Security Manager (ISSM) II to oversee and manage the implementation...  ...posture of information systems, managing risk, and maintaining compliance with...  ...Monitor system security posture and respond to vulnerabilities, incidents, and threats Coordinate security... 
    Risk

    PROVATOHR INC

    Washington DC
    4 days ago
  • $114.94k - $138.48k

    IT Security Specialist II - Security Operations & Compliance GAMA-1 Technologies, LLC...  ...and monitoring tools to identify vulnerabilities and monitor system security. Collect, organize...  ...and timely resolution of identified risks. Maintain awareness of evolving cybersecurity... 
    Risk
    Full time
    Contract work
    Work experience placement
    Work at office
    Remote work
    Overseas
    1 day per week

    GAMA-1 Technologies

    Washington DC
    4 days ago
  • Description The Cyber Security Specialist II/III supports cybersecurity engineering...  ...monitor security posture, and remediate vulnerabilities across supported systems. This position is...  ...support security control implementation and risk reduction. Active DoD Secret clearance (... 
    Risk
    Work at office

    Warrant Technologies LLC.

    Washington DC
    5 days ago
  • $95k - $112k

     ...assess the security of customer systems. Identify vulnerabilities and develop recommended remediations to satisfy mandated...  ...Tester (GXPN) Zero Point Security Red Team Ops II Advanced understanding of the following: NIST Risk Management Framework (RMF) and the Assessment and... 
    Risk
    Contract work
    Remote work

    SkyePoint Decisions

    Arlington, VA
    2 days ago
  • $86k - $138k

     ...the security of customer systems. Identify vulnerabilities and develop recommended remediations to satisfy...  ...Tester (GXPN) Zero Point Security Red Team Ops II Advanced understanding of the following: NIST Risk Management Framework (RMF) and the Assessment... 
    Risk
    Contract work
    Flexible hours
    Shift work

    Peraton

    Arlington, VA
    5 days ago
  • Our client is seeking a Network Vulnerability Analyst to join their team in Washington, D.C. . As a key part of the security team, you will support...  ...technical and executive audiences, including metrics and risk summaries. Qualifications 5+ years of IT experience, with... 
    Risk

    Experis

    Washington DC
    3 days ago
  • $104.04k - $140.76k

    Watermark Risk Management International, LLC is seeking a Program Security Representative II in Washington, DC. This role focuses on providing comprehensive security support for Special Access Programs, ensuring robust adherence to security protocols and conducting compliance... 
    Risk

    Watermark Risk Management International, LLC

    Washington DC
    3 days ago
  • A security services company is hiring a Security Specialist II - Risk Assessment Specialist in Washington, DC. This full-time role requires managing the Position Description database, conducting Risk Designation assessments, and maintaining accurate contractor information... 
    Risk
    Full time
    For contractors

    ARMADA, Ltd.

    Washington DC
    2 days ago
  •  ...U.S. Government customer to provide cybersecurity vulnerability analysis support to reduce the prevalence and impact...  ...Resources (CIKR). The Cybersecurity Vulnerability Analyst utilizes cybersecurity best practices, risk management techniques, critical thinking, and strong... 
    Risk

    Node.Digital

    Arlington, VA
    5 days ago
  •  ...Business.   SUBJECT MATTER EXPERTS  specializing in security and risk management. We’re intimately familiar with DOD security programs...  ..., our people come first!   Activity Security Representative II The Activity Security Representative’s primary function is to... 
    Risk
    Hourly pay
    Contract work
    For contractors
    Work experience placement
    Local area

    Watermark Risk Management International, LLC

    Arlington, VA
    4 days ago
  • Armada is seeking a Security Specialist II - Risk Assessment to manage the Position Description (PD) database, identify PDs needing risk designations, and maintain accurate contractor and vendor data. The role supports the SOC with assessments, form processing, and investigations... 
    Risk
    For contractors

    Armada

    Washington DC
    2 days ago
  • $110.39k - $172.66k

     ...leading engineering firm is seeking a Project Controls Specialist II to support project management for infrastructure projects in...  ...controls. Strong analytical skills and experience with budgeting and risk management are crucial. The role is based in Washington, DC with... 
    Risk

    HNTB

    Washington DC
    3 days ago
  •  ...Apply today and be more with Baker. Summary The Project Manager II provides overall management direction on complex project(s). Establishes...  ...Manages the Construction Process Manages Project Safety and Risk Management Processes Ensures a Safe Work Environment Participates... 
    Risk
    For contractors

    baker construction

    Arlington, VA
    5 days ago
  • $60k - $180k

     ...Penetration Tester II Chandler, AZ or Washington, DC - Secret clearance required M9 Solutions is dedicated to providing IT services and solutions to the Federal Government by mobilizing the right people, skills, clearance levels, and technologies to help organizations... 
    Contract work

    M9 Solutions

    Washington DC
    1 day ago
  • $90k - $105k

     ...methodologies, tools, and templates for consistent project delivery. Risk Management: Identify potential project risks, develop mitigation...  ...or utilities, preferably within a PMO setting. Level II - 5-7 years of project management experience, in construction or... 
    Risk

    Campos EPC

    Washington DC
    3 days ago
  •  ...in securing complex systems, conducting risk assessments, designing secure system architectures...  ...system compliance with IASAE Level II frameworks and DoD regulations. Conduct security assessments, gap analyses, and vulnerability mitigation planning. Technical... 
    Risk
    Full time
    Remote work

    Nationwide IT Services, Inc.

    Arlington, VA
    3 days ago
  • $140k - $150k

     ...Job Title: Project Manager II Location: Silver Spring, MD - Hybrid Clearance Required: Public Trust Eligible Salary Range: $140K - $...  ...Plan (PMP). Manage project scope, schedule, staffing, deliverables, risks, and overall contract performance. Coordinate and oversee day-to-... 
    Risk
    Contract work
    For contractors
    Work at office

    Creative Solutions Services, LLC

    Silver Spring, MD
    5 days ago
  • $55k - $105k

     ...and individuals around the globe address their most significant risk, workforce, wealth management and retirement challenges through custom...  .... To learn more, please visit: Summary: The Account Manager II is responsible for working with Producers and Account Executives... 
    Risk

    WORK180 USA

    Bethesda, MD
    2 days ago
  • $80k - $128k

    A leading national security company is seeking a Risk and Vulnerability Analyst to support the Security Operations Center by identifying and analyzing vulnerabilities and risks. This position requires a Bachelor's degree in Cybersecurity or similar, at least 2 years in... 
    Risk

    Peraton

    Washington DC
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Risk and Vulnerability Analyst II. Be the first to apply!