Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Vulnerability Analyst

$78k - $135k

Coalfire-

What You'll Do Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment justification, and deviation requests in coordination with 3PAO assessors and federal stakeholders Collect, organize, and maintain security control evidence and artifacts for monthly continuous monitoring deliverables and assessment/authorization activities, ensuring alignment with FedRAMP, HITRUST, PCI, and similar frameworks Maintain accurate system inventory and authorization boundary documentation to ensure scanning scope aligns with approved system boundaries Analyze scan results for false positives, document justifications, and prepare deviation requests with supporting risk assessments Translate technical vulnerability findings into risk‑based language for federal clients and authorization officials, presenting monthly status briefings as needed Collaborate with development, SRE, and infrastructure teams to integrate vulnerability management into CI/CD pipelines, cloud environments (AWS, Azure, GCP), and container/Kubernetes platforms Participate in change management processes to ensure continuous monitoring activities align with system changes and maintain compliance posture Support and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches Run regular and on‑demand scans across operating systems, databases, web applications, and containers, then work with technical teams to create tickets for remediation Track and document vendor dependencies, operational requirements, and open vulnerabilities, producing clear monthly reports and updates for clients Contribute to improving internal standards and processes, including maintaining documentation, training materials, and standard operating procedures What You'll Bring 3–5 years of professional experience in vulnerability management, compliance monitoring, or related security operations roles Hands‑on expertise with operating system, database, network, container, web application, and API vulnerability management Direct experience supporting vulnerability management in at least two of the following cloud providers: AWS, Azure, GCP Background working within at least one compliance framework (for example, FedRAMP, HITRUST, PCI), including risk assessment and reporting Experience delivering monthly or periodic vulnerability status reports and tracking remediation efforts with internal and external teams Administrator‑level certification in AWS, Azure, or GCP Working knowledge of cloud architecture and security controls in AWS, Azure, or GCP, including ability to assess attack surfaces and recommend cloud‑native remediation approaches Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) and risk prioritization frameworks Understanding of NIST 800‑53 security controls, particularly RA‑5, SI‑2, CM‑6, and how continuous monitoring supports control implementation Experience with STIG benchmarks and automated compliance scanning tools (SCAP, SCC) Familiarity with baseline configuration standards (CIS Benchmarks, vendor hardening guides) and compliance posture reporting Ability to distinguish false positives from true vulnerabilities and articulate risk‑based justifications for deviation requests Proficiency in scripting languages (Python, PowerShell, Bash) for task automation, report generation, and remediation workflows Strong client‑facing communication and documentation skills, with ability to present technical findings to federal stakeholders and produce timely compliance reports Ability to work efficiently with cross‑functional technical teams to investigate, prioritize, and coordinate vulnerability remediation efforts Bachelor's degree or equivalent work experience US citizenship (required due to client contractual requirements) Bonus Points Security‑focused cloud certifications for AWS, Azure, or GCP CISSP certification Familiarity with container security scanning tools (Trivy, Anchore, Snyk) and Kubernetes security postures Knowledge of software composition analysis (SCA) and static/dynamic application security testing (SAST/DAST) tools Familiarity with CI/CD security integration patterns and DevSecOps toolchains $78,000 - $135,000 a year The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at View email address on click.appcast.io. #J-18808-Ljbffr Coalfire-

Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Vulnerability Analyst in New York, NY vacancy
  •  ...A premier health institution in New York is looking for a Sr. II Security Analyst specializing in vulnerabilities. This role involves conducting security assessments, analyzing security data, and coordinating remediation efforts. Candidates should have a Bachelor's degree... 
    Suggested

    NYU Langone

    New York, NY
    3 days ago
  • $78k - $135k

    Coalfire, located in Chicago, Illinois, is seeking a Vulnerability Management professional to oversee the lifecycle of security programs and manage compliance with key frameworks. Ideal candidates will have 3-5 years of experience in security operations and a strong understanding... 
    Suggested

    Coalfire-

    New York, NY
    4 days ago
  • Alignerr is seeking a Vulnerability Management Analyst to help train and evaluate AI models by analyzing CVEs, exposure scenarios, and remediation workflows. This remote, hourly contract role offers flexible scheduling and global collaboration for qualified security practitioners... 
    Suggested
    Remote job
    Hourly pay
    Contract work
    Flexible hours

    Alignerr

    New York, NY
    1 day ago
  • cFocus Software Incorporated is seeking an Infrastructure Scanning Analyst to support the National Institutes of Health (NIH). This fully...  ...a Public Trust clearance and involves conducting detailed vulnerability assessments in various systems. The ideal candidate will... 
    Suggested
    Remote job

    cFocus Software Incorporated

    New York, NY
    3 days ago
  • A technical staffing firm is seeking an IT Analyst for a remote contract position. The role involves reviewing Tenable Vulnerability Management systems, analyzing reports, prioritizing remediation efforts, and coordinating with technical teams. Ideal candidates should have... 
    Suggested
    Remote job
    Contract work

    ViziRecruiter,LLC.

    New York, NY
    2 days ago
  •  ...Experience Range: 8-10 years Our client is seeking a Penetration Tester with 8-10 years of experience to review and validate vulnerability reports, perform targeted retesting, and coordinate remediation efforts across development and infrastructure teams.... 
    Contract work
    Remote work

    RIT Solutions, Inc.

    New York, NY
    5 days ago
  •  ...Penetration Tester (Ethical Hacker) We are seeking a skilled Penetration Tester to identify, assess, and help remediate security vulnerabilities across applications, networks, cloud environments, and enterprise systems. The ideal candidate will perform authorized security... 
    Full time
    Remote work

    Ova Technologies

    New York, NY
    4 days ago
  • $110k - $130k

    Position Title Vulnerability Management Analyst 2 Posting Information Posting Number: 2026-15806 Location: US-NY-New York Hybrid Remote Work Classification: Mostly Remote: Remote more than 60% of time Department: Security Operations School/Division: NYU IT (WS1170... 
    Full time
    Part time
    Work experience placement
    Remote work

    New York University

    New York, NY
    3 days ago
  • ManpowerGroup is seeking a Vulnerability Management Analyst to oversee Enterprise Payments vulnerabilities. This remote position requires expertise in the Brinqa Vulnerability tool and advanced Excel skills to effectively lead remediation efforts and analyze vulnerability... 
    Remote job

    ManpowerGroup

    New York, NY
    1 day ago
  • Experis US LLC is looking for a Vulnerability Management Analyst to manage vulnerabilities in Enterprise Payments. This role involves reviewing vulnerability reports, leading remediation efforts, and producing analytics while working remotely. The ideal candidate will... 
    Remote job

    Experis US LLC

    New York, NY
    1 day ago
  • $100k - $145k

     ...to benefit people and society. Join us and be part of meaningful change! Job Description We are looking for an IT Risk & Vulnerability Analyst to support one of our strategic CIB clients in keeping their software secure and up to date. The ideal candidate has experience... 

    Talan Group

    New York, NY
    2 days ago
  • $95.86k - $208.27k

    The KPMG Advisory practice is at the forefront of transformation, offering excellent opportunities for individuals to advance their careers and expertise with KPMG. Looking ahead, we anticipate continued evolution and success within the practice, fostering both personal...
    H1b
    Local area

    KPMG

    New York, NY
    4 days ago
  • A global consulting firm is seeking an IT Risk & Vulnerability Analyst to ensure software security and compliance for strategic clients. The role involves tracking software versions, collaborating with IT teams, and maintaining accurate reports. Candidates should have a... 

    Talan Group

    New York, NY
    1 day ago
  • QUANTEAM - North America (RAINBOW PARTNERS Group) is seeking a Vulnerability & Patch Management Analyst to join their New York team. The successful candidate will manage the end-to-end VPM program, working closely with network teams and IT stakeholders in a global financial... 

    QUANTEAM - North America (RAINBOW PARTNERS Group)

    New York, NY
    2 days ago
  • $1,000 per month

    Join Our Team as a Website Tester at Little Wheel Little Wheel is a gambling technology company focused on researching and building products that put players first. We are currently hiring Website Testers across Michigan, New Jersey, Pennsylvania, and West Virginia...
    Extra income
    Temporary work
    Second job
    Currently hiring
    Immediate start
    Work from home
    Flexible hours

    Little Wheel

    New York, NY
    4 days ago
  • $500 per month

    Become a Professional Game Tester We're looking for passionate gamers to join our elite team of mobile game testers. Get paid to play and test the latest games before they launch. $500+ Avg Monthly Pay 5-10 Hours/Week 100% Remote Position Requirements: ...
    Remote work
    10 hours per week
    Flexible hours

    Babki

    New York, NY
    3 days ago
  • $140k - $160k

     ..., firewalls, endpoints, Active Directory) and perform comprehensive web application security assessments covering OWASP Top 10 vulnerabilities, business logic flaws, authentication weaknesses, and API security issues - following OWASP, and MITRE ATT&CK and other methodologies... 
    Temporary work
    Work at office
    Immediate start
    2 days per week
    3 days per week

    Fitch Group

    New York, NY
    1 day ago
  • $35 per hour

    A mobile games company is seeking a Junior Software Tester to dive into the world of mobile games and enhance player experiences. This entry-level position allows you to work remotely, explore apps on your devices, and provide valuable feedback on functionality and user...
    Hourly pay
    Remote work

    Review Pays

    New York, NY
    1 day ago
  • A mobile game testing company is seeking a Freelance Software Tester to explore and analyze mobile applications. In this remote role, you'll provide critical feedback on app performance and usability. This position is ideal for beginners, requires no prior experience, ...
    Freelance
    Remote work

    Review Pays

    New York, NY
    1 day ago
  • A technology feedback company is seeking a Freelance Product Tester to explore and review mobile applications. This entry-level position allows you to work remotely, sharing your insights into user experience and functionality. Ideal for beginners, this role offers flexibility...
    Freelance
    Remote work

    Review Pays

    New York, NY
    1 day ago
  • $104k - $156k

     ...embed security controls natively. Periodically provide recommendations on technical design of security controls aligned to vulnerabilities, risks, issues and/or events. Support purple-team exercises and control-efficacy testing to verify depth and resilience under... 
    Remote work

    Relativity

    New York, NY
    3 days ago
  •  ...Digital Forensic Analyst Employment Type: Full-Time, Mid-Level Department: Forensics CGS is seeking a Digital Forensic Analyst whose primary focus will be on the preservation & collection of mobile device and cloud‑stored data. This candidate should be fluent in a broad... 
    Full time
    Work at office
    Remote work
    Flexible hours

    Dormont Manufacturing Company

    New York, NY
    3 days ago
  •  ...Tester with at least 5 years of experience. In this full-time role, you will be integral to performing redteam audits, identifying vulnerabilities, and developing mitigations for clients. Ideal candidates possess strong Linux and scripting skills, along with excellent... 
    Remote job
    Full time

    P1 Security

    New York, NY
    1 day ago
  •  ...Digital Forensic Analyst Employment Type: Full-Time, Mid-Level Department: Forensics CGS is seeking a Digital Forensic Analyst whose primary focus will be on the preservation & collection of mobile device and cloud‑stored data. The ideal candidate should be fluent in a... 
    Full time
    Work at office
    Remote work
    Flexible hours

    CGS Federal (Contact Government Services)

    New York, NY
    1 day ago
  • $32 - $73 per hour

    Fixpoint is hiring a Penetration Tester for a remote role with flexible hours. You'll perform various penetration tests, craft remediation reports, and collaborate with teams to enhance security. A minimum of 5 years full-time experience and native English proficiency is...
    Remote job
    Hourly pay
    Full time
    Contract work
    For contractors
    Flexible hours

    Fixpoint

    New York, NY
    1 day ago
  • A leading gaming services company is looking for Community Game Testers to participate in paid, on-call test sessions. This flexible role allows you to test games from the comfort of your home using your own devices. Key responsibilities include evaluating user experience...
    Remote job
    Extra income
    Flexible hours

    Keywords Studios

    New York, NY
    1 day ago
  • A leading tech company is seeking experienced cybersecurity professionals to evaluate AI-generated content regarding real-world security threats and defenses. Candidates will have the flexibility of choosing projects and work hours in a fully remote capacity. The ideal ...
    Remote job

    DataAnnotation

    New York, NY
    1 day ago
  • A local government health agency in New York is seeking a Network Administrator to oversee the operation and maintenance of LAN/WAN systems. The role involves troubleshooting network issues, implementing security protocols, and collaborating with cybersecurity teams. Candidates...
    Local area

    Onondaga County Health Department

    New York, NY
    1 day ago
  • About the Company Rain makes the next generation of payments possible across the globe. We're a lean and mighty team of passionate builders and veteran founders. Our infrastructure makes stablecoins usable in the real-world by powering card transactions, cross-border...
    Work at office
    Work from home
    Flexible hours

    Rain

    New York, NY
    2 days ago
  • $70k - $100k

     ...Windows server operation ~ LAN / WAN technologies ~ Virtualization and storage platforms ~ Security tools including endpoint protection and vulnerability assessment ~ Experience with Microsoft, Citrix, VMware environments ~ MSP / MSSP experience a plus... 
    Full time
    For subcontractor
    Remote work
    Visa sponsorship
    Weekend work
    2 days per week
    3 days per week

    Cinter LLC

    New York, NY
    5 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Vulnerability Analyst. Be the first to apply!