Vulnerability Management Analyst
Dane
Benefits Life/STD/LTD FSA/DCA 401(k) Employee discounts Paid time off 401(k) matching Dental insurance Health insurance Tuition assistance Vision insurance Description Looking for a place that invests in you from day one? At DANE, we offer aggressive PTO, strong benefits, and ongoing learning opportunities, backed by a culture that values and supports our team. We are seeking a Vulnerability Management Analyst (Tenable/Nessus & Metrics) to support vulnerability tracking, remediation coordination, and security metrics reporting in a federal technology environment. This is a junior-level role (1–3 years of experience) focused on execution and coordination, working hands-on with Tenable/Nessus, iPost, Power BI, Excel, and ticketing systems to ensure that vulnerability data is accurate, actionable, and reportable. Details Location: Hybrid - Onsite, Arlington, VA, 1 day/week and as needed Job Type: Full Time Education: Minimum of a Bachelor’s degree in computer science or Equivalent Experience: Minimum 1 year of relevant experience Clearance: Must hold an Active DoD Secret Clearance or higher Responsibilities Run authorized Tenable/Nessus scans using credentialed scan profiles and review exports to identify CVEs, plugin findings, KEV status, EOL/EOS software risks, and affected assets. Validate findings as true or false positives, track vulnerability age using first-seen/last-seen dates, and escalation unresolved findings to senior security staff or system owners. Support the full vulnerability lifecycle from intake and triage through ownership assignment, remediation tracking, retest/rescan validation, and closure evidence collection. Monitor KEV and Critical/High findings against federal remediation timelines (e.g., BOD 22-01) and flag aging, stale, or blocked findings for escalation. Build and maintain Power BI dashboards and Excel reports covering vulnerability posture, patch compliance, KEV status, finding aging, and ownership tracking using Power Query, slicers, and basic DAX measures. Produce recurring deliverables, including Critical/High aging reports, Tenable/iPost reconciliation summaries, EOL/EOS tracking, and executive snapshots; document KPI definitions and data sources. Reconcile vulnerability data across Tenable/Nessus, iPost, ServiceNow/CA ServiceDesk, Jira, SharePoint, POA&M trackers, and Excel exports to identify mismatches and coverage gaps. Coordinate with security, development, infrastructure, database, and cloud teams and ISSO stakeholders to drive remediation through closure. Requirements 1–3 years of experience in cybersecurity operations, vulnerability management, SOC, cyber GRC, IT operations, or application security support; working knowledge of CVE, CVSS, KEV, false positives, POA&M tracking, risk acceptance, and vulnerability aging. Hands-on Tenable/Nessus experience: executing credentialed scans, analyzing plugin output and CVE findings, validating true/false positives, and building dashboards, saved filters, and exports for KEV, Critical/High, EOL/EOS, and aging tracking. Intermediate Power BI (Power Query, data modeling, DAX, slicers) and strong Excel skills (pivot tables, VLOOKUP/XLOOKUP, conditional formatting, deduplication) for vulnerability reporting and KPI tracking. Experience with iPost, ServiceNow, CA ServiceDesk, Jira, or SharePoint for remediation tracking; ability to reconcile data across multiple tools, identify mismatches, and maintain accurate ownership and evidence records. Familiarity with EOL/EOS software tracking, patch compliance, remediation exceptions, risk acceptance documentation, and closure evidence collection. Strong attention to detail, comfort working with large and messy datasets, and clear communication skills for translating technical findings into plain-language updates for leadership and non-technical stakeholders. Preferred Qualifications Experience supporting federal cybersecurity programs or regulated environments; familiarity with NIST SP 800-53, RMF, A&A, ATO, POA&M lifecycle management, CISA BOD 22-01, and FedRAMP vulnerability requirements. Exposure to DevSecOps and application security tooling: SAST, DAST, SCA, container image scanning, secrets scanning, or Software Bill of Materials (SBOM) analysis. Basic understanding of enterprise patching for Windows Server, Windows workstations, .NET Framework, Java JRE, SQL Server, and endpoint agents; familiarity with Splunk or other SIEM platforms. Experience developing SOPs, RACI matrices, or workflow documentation in a security or IT operations context. Relevant certifications such as CompTIA Security+, CySA+, CEH, or equivalent entry‑to‑mid‑level cybersecurity credentials. DANE LLC is an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Flexible work from home options available. #J-18808-Ljbffr
$60k - $73k
...growth, innovation, and teamwork? At Ntiva, we’re more than a Managed Services Provider; we’re a community dedicated to helping... ...match to the role. How You’ll Make An Impact As a Vulnerability Management Analyst, you support Security Engineers by executing approved security...SuggestedContract workTemporary workRemote workMonday to Friday- ...Mission Technologies, a division of HII, is looking for a skilled professional in vulnerability management in Fairfax, Virginia. The successful candidate will support Department of Defense cybersecurity efforts, ensure accuracy in vulnerability assessments, and maintain...Suggested
- Everforth ECS is seeking a Junior Vulnerability Management Analyst to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax. This position is contingent upon contract award. The War Data Platform (WDP) is a key initiative within the U.S...SuggestedContract workFor contractorsInternshipLocal area
$103.54k - $147.92k
Search by Keyword (use Keyword for Remote Positions) Select how often (in days) to receive an alert: Vulnerability Management Analyst (Structured Threat Analyst 3) ADVANA Location: Fairfax, VA, Virginia, United States Requisition Number:27377 Required Travel: 0 - 1...SuggestedFull timeContract workFor contractorsWork at officeLocal areaRemote workWorldwide$103.54k - $147.92k
...Required Travel: 0-10%. Responsibilities Supports enterprise vulnerability management operations for Department of Defense mission systems across... ...and compensating controls under guidance of senior analysts. Maintains detailed records supporting Risk Management Framework...SuggestedFull timeFor contractorsWork at officeLocal area- ECS is looking for a Junior Vulnerability Management Analyst based in the National Capital Region. This role involves supporting enterprise vulnerability management operations, including validating vulnerability scans and tracking remediation efforts. Candidates should...
- ...Position Title: Senior Business Operations & Financial Management Analyst Location: Chantilly, VA Clearance Requirement: Active Top Secret with SCI eligibility U.S. Citizenship required OMNI Consulting Solutions is seeking a Senior Business Operations &...Work at office
- ...join our cybersecurity team. In this role, you will identify vulnerabilities and test the security of networks, applications, and systems... ...family. *** SIMILAR CAREER TITLES Ethical Hacker, Vulnerability Analyst, Security Consultant, Red Team Specialist, Cybersecurity...Temporary workFor contractorsImmediate startFlexible hours
$113.2k - $237.8k
...your career network. We are a fun, engaging environment with a management team focused on growing your career and making you a part of... ...an understanding of and interest in common web application vulnerabilities like XSS, CSRF, Command Injection, SQLi, single sign-on...Contract workWork experience placementImmediate startFlexible hours$45k - $65k
...Blu Omega LLC seeks a Junior Vulnerability Analyst to support the NIH cybersecurity operations center. This remote role is responsible for assessing and mitigating cybersecurity vulnerabilities in critical healthcare and federal systems. Candidates should demonstrate a...Remote work$113.2k - $237.8k
...tools to conduct reconnaissance, exploitation, and post‑exploitation tasks. Collaborate with stakeholders to remediate identified vulnerabilities. Qualifications Experience performing Red Team, Blue Team Operations. Certifications such as OSCP, OSCE, GPEN, GWAPT, GXPN, CEH...Full timeWork experience placement$124k - $168k
...Responsibilities: Responsible for performing basic reconnaissance and vulnerability scanning in accordance with established testing methodologies... ..., and leading remediation efforts Collaborating with management to develop security policies, training other cybersecurity...Work experience placement- ...Digital Forensic Analyst Employment Type: Full-Time, Mid-Level Department: Forensics CGS is seeking a Digital Forensic Analyst whose... ...updates and new options in the market Work closely with project management and other team members on completing complex projects in a...Full timeWork at officeRemote workFlexible hours
$176k - $282k
...Responsibilities The Digital Forensic Analyst will conduct research, evaluate system configuration data, and provide recommendations... ...team to implement changes to mitigate potential weaknesses/vulnerabilities. Additionally, the Digital Forensic Analyst will: Perform network...Contract workShift work- ...Description Seeking a Digital Forensics Analyst, to serve as a member of an organizational cybersecurity program. This position requires an active TS/SCI with Polygraph. Key Responsibilities Conduct forensic acquisition and analysis on computer, mobile, IOT, digital media...Work experience placement
$103.54k - $147.92k
A leading defense contractor in Virginia is seeking a Vulnerability Management Analyst to support the DoD/DoW Advana War Data Platform. The role involves managing cyber vulnerabilities, validating scan results, and collaborating with teams on remediation efforts. Candidates...For contractors$100k - $140k
...engineers, visitors, system administrators, security staff, program managers, and local vendors and inspectors. This position requires an... ...including audit log reviews, system compliance assessments, vulnerability scans, and account activity for privileged and general users....Full timeTemporary workFor contractorsWork at officeLocal areaImmediate startRemote workFlexible hours- ...policy architecture across SPA's information systems. The team manages cyber policy, develops control implementations and system... ...minimal supervision Desired Qualifications: Experience performing Vulnerability Management activities and validating system compliance using software...Work experience placementImmediate start
- ...compliance with security policies, and managing risk through the implementation of robust... ...security assessments, monitor for vulnerabilities, and respond to potential threats. The... ...** SIMILAR CAREER TITLES Cybersecurity Analyst, Information Security Specialist, Security...Temporary workFor contractorsImmediate startFlexible hours
- ...Degree in a related field or an advanced degree in Cybersecurity with 5+ years of experience in within information security or risk management supporting multi-domain SAP or SCI environments. Certifications: The ISSO shall possess an active technical certification...Temporary workWork at office
- ...Responsibilities: Conducting technical security assessments and contribute to the security systems. Ensuring system security compliance, manage risks, and support certification activities throughout the program life cycle. Work with the systems administrators to ensure the...Full timeFlexible hours
$130k - $150k
...with detecting and preventing computer security compromises in a networked environment. Working knowledge of configuration management; system maintenance; and integration testing. Proficient in the use of tools used to prevent and/or negate malicious code....Civilian ContractorFor contractorsWork experience placementWork at office- ...implementing and overseeing security policies, managing risk assessments, and ensuring... ...closely with other IT teams to identify vulnerabilities, develop security protocols, and monitor... ..., Cybersecurity Officer, Security Analyst, Information Assurance Officer, Security...Temporary workFor contractorsImmediate startFlexible hours
- ...cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process... ...and recommend improvements to amend vulnerabilities, implement changes, and document upgrades... ...experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO...Full timeLocal areaRemote workFlexible hours
$77.6k - $176k
...Security Officer (ISSO) overseeing the full lifecycle of Risk Management Framework (RMF) authorization activities. You will rely on... ...will define security expectations, drive the remediation of vulnerabilities, and collaborate across multidisciplinary teams to ensure systems...Full timeContract workPart timeLocal areaRemote work$80k - $200k
...Litigation Systems Analyst Employment Type: Full Time, Mid-level Department: Litigation Support Responsibilities May work directly with... ...Government staff and/or under the direction of the Contract IT Manager, Systems Manager, Senior Systems Analyst, or Lead Project...Full timeContract workFor contractorsWork at officeFlexible hours$86.6k - $181.8k
...Security testing • MS TFS • Zap (security testing) • Good organizational skills • Good leadership skills • Good project management skills • Good negotiation skills • Good people management skills • Good time management skills • Good problem-solving...Full timeContract workWork experience placementLocal areaImmediate startFlexible hours- ...Network Analyst page is loaded## Network Analystlocations: Chantilly, Virginiatime type: Full timeposted on: Posted Todayjob requisition... ...of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions.* **Collaborative Environment...Local areaFlexible hours
- ...Systems Analyst LOCATION Chantilly, VA 20151 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship)... ...Engineering, Data Science, Cybersecurity, Operations Research, Management Information Systems, etc. ALTERNATE EXPERIENCE General comment...Temporary workFor contractorsImmediate startFlexible hours
$80k - $120k
...Senior Systems Analyst Employment Type: Full Time, Senior-level Department: Information Technology CGS is seeking a Senior Systems Analyst... ...Federal agency. Skills and attributes for success Develop, manage, and document a workflow process to identify, archive, and delete...Full timeContract workFor contractorsWork at officeFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Vulnerability Management Analyst. Be the first to apply!
- public sector business analyst Chantilly, Loudoun County, VA
- configuration management analyst Chantilly, Loudoun County, VA
- pega business analyst Chantilly, Loudoun County, VA
- business development analyst Chantilly, Loudoun County, VA
- business analyst Chantilly, Loudoun County, VA
- management analyst Chantilly, Loudoun County, VA
- business analyst part time remote Chantilly, Loudoun County, VA
- knowledge management analyst Chantilly, Loudoun County, VA
- senior business analyst contract Chantilly, Loudoun County, VA
- remote senior business analyst Chantilly, Loudoun County, VA

