Vulnerability Management Analyst

Are you looking for limitless career opportunities with a company that values growth, innovation, and teamwork? At Ntiva, we’re more than a Managed Services Provider, we’re a community dedicated to helping each other, our clients, and their businesses thrive both personally and professionally. Ntiva is a culture of people who are passionate about the work…and each other.


Our clients view us as an essential part of their teams, relying on us for strategic guidance, fast solutions to complex challenges, and proactive support. With strategic locations across the U.S. and leadership from our founder, Steven Freidkin, we’re on the front lines of a fast-paced industry, facing cybersecurity threats and rapid technology changes together.


If you thrive in a dynamic, supportive environment and enjoy going above and beyond, we’d love to meet you. Come explore one of our many opportunities and grow with us!


The scope and responsibilities of this position are accurately represented. Title alignment is still being finalized and reflects the closest match to the role.

How you’ll make an Impact As a Vulnerability Management Analyst, you support Security Engineers by executing approved security remediation tasks, performing manual configuration updates, and validating remediation outcomes across GovCon client environments. This role focuses on task execution rather than strategy, architecture, or engineering judgment.

You will work from clearly defined tickets, remediation plans, and documented procedures provided by Security Engineers. The Analyst does not define risk posture, sequencing, or change guardrails, but is responsible for accurate execution, documentation, and escalation of issues or unexpected results.

This role plays a critical part in maintaining security hygiene, reducing remediation backlog, and ensuring consistent follow-through on approved security work.

Location and Work Expectations

• This is a hybrid-remote role with approximately 5% on-site work at client sites throughout the US if needed. The specific allocation of remote versus onsite requirements may fluctuate based on business needs. Candidates with proximity to one of our Centers of Excellence are preferred (Lombard, IL; McLean, VA; Shreveport, LA; Overland Park, KS).
• Monday-Friday, 3pm-12am EST or CST
• This role also includes participation in a rotating on-call schedule.

What you will be doing

• Assist Security Engineers with execution of approved remediation and security maintenance tasks
• Perform manual remediation activities following documented instructions and SOPs
• Execute configuration updates, cleanup actions, and corrective steps as defined in tickets or remediation plans
• Perform non-design security changes that do not require independent engineering judgment
• Validate remediation outcomes based on defined success criteria provided by Engineers
• Document actions taken, results observed, and evidence of completion in the ticketing system
• Escalate unclear instructions, access issues, unexpected behavior, or failed outcomes to the assigned Engineer
• Support post-containment recovery activities by executing assigned recovery tasks under engineering direction
• Assist with coordination tasks such as staging work, validation checks, and follow-up remediation
• Maintain strict adherence to scope, access controls, and compliance requirements in GovCon environments

Core Areas of Support

• Execution of approved security remediation identified by Engineers, SOC/MDR, or vulnerability tools
• Manual configuration hardening tasks across servers, endpoints, and network devices as directed
• Support for availability-impacting changes by executing pre-approved steps
• Endpoint Detection & Response (EDR):



• Agent deployment and removal
• Health checks and basic troubleshooting
• Lifecycle and coverage validation
• Web filtering:
• Policy deployment and updates as directed
• Review and triage of web filtering alerts for escalation
• Review and action assigned MDR recommendations that have been approved by Engineering
• Assist with DLP policy review and tuning activities by implementing assigned changes
• Support maintenance and updates of Microsoft Sentinel data connectors under direction
• Assist with preparation and validation tasks for client security posture reviews
• Other duties as assigned

You’ll be successful in this role if you have

• 2-5 years of experience in security operations, or remediation roles
• Experience executing technical tasks from tickets or remediation plans
• Comfort following documented procedures exactly as written
• Basic familiarity with:
  
  • Windows operating systems and enterprise endpoints
  • Security tooling concepts (EDR, MDR alerts, vulnerability findings)
  • Ticket-driven workflows and documentation requirements
• Strong attention to detail and consistency in task execution
• Willingness to escalate when scope, instructions, or outcomes are unclear
• Ability to operate in compliance-driven or regulated environments
• Professional, calm demeanor when working through operational backlogs

Required language skills

• Ability to communicate professionally, in English, both written and orally
• Ability to write business correspondence and process procedures
• Ability to effectively present information and respond to questions from groups of managers, clients, and the general public

Benefits and Perks

• Medical, Dental and Vision coverage for employee and family

• 401k + company-matched contributions 4% match on 5% contribution - no vesting period! (Employee and Company contribute after 90 days)

• Group Term Life and Accidental Death and Dismemberment coverage (company provided)

• Short-Term (voluntary enrollment) and Long-Term Disability coverage (company provided)

• Health Savings Account (HSA) Options / PPO Options

• Employee Assistance Program

• Paid Time Off (PTO) + Volunteer Time Off (VTO) + 8 Paid Holidays + 3 Floating Holidays

• Education Reimbursement Program

• Generous Employee Referral Program - cash bonus for successful referrals!

• Dynamic Recognition and Rewards

• Clear Promotion and Advancement Tracks

• Work with Industry-Leading Talent

The base pay range for this position is expected to be between $60,000.00 and $73,000.00 per year. The base pay offered may vary depending on multiple non-discriminatory factors including, but not limited to, market location, job-related knowledge, skills, and experience. The total compensation package for this position also includes medical benefits, 401(k) eligibility, and PTO. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment.


FLSA Status: Salaried, Exempt


Work Authorization Criteria
This position requires U.S. citizenship due to federal government contract obligations and access to secured information systems.


Workspace Requirements and Remote Work Policy
Team members must establish a dedicated safe workspace that is free from distractions, hazards, and that is secure from unauthorized access. This includes following Ntiva’s IT User and Security Policies that include but are not limited to password-protecting all equipment, keeping confidential and proprietary documents secure, refraining from using public Wi-Fi, having adequate arrangements in place to avoid significant interruptions from caregiving responsibilities during work hours (except in emergency situations with manager approval). Any remote work away from a team member’s normal expected dedicated safe workspace must be requested by team member, is subject to review by management, and must adhere to Ntiva policies and procedures.


Our Commitment to a Diverse Workforce
At Ntiva, we are committed to creating and maintaining a diverse, inclusive, and welcoming work environment for all employees and job applicants. We firmly believe that a diverse workforce fosters a wider range of perspectives, experiences, and ideas that lead to increased creativity, innovation, and problem-solving capabilities. As an equal opportunity employer, we actively seek to recruit and retain a diverse workforce that reflects the communities we serve. We prohibit discrimination of any kind, including but not limited to race, color, religion, gender, gender identity or expression, sexual orientation, marital status, national origin, age, hair length, protective hairstyles, organ donor status, disability, veteran status, or any other legally protected status and comply with all applicable laws governing nondiscrimination in employment.


Application Deadline: The sooner you apply, the sooner we can get to know you! Submit your resume today! Applications will be accepted until 6/16/26.

Equal Opportunity Employer


This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.