Risk and Vulnerability Analyst II
SOS International LLC
Washington, DC, USA
Full-time
Clearance Requirement: Secret
Company Description
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Job Description
***** This position is contingent upon contract award *****
Overview
SOSi is seeking a Risk and Vulnerability Analyst II to support vulnerability assessment and risk analysis activities in alignment with our customer. This role is responsible for conducting vulnerability scanning and analysis, supporting remediation efforts, maintaining scan operations, and helping improve enterprise visibility into security weaknesses and cyber risk.
Responsibilities
· Perform vulnerability assessments and security scanning across operating systems, databases, web applications, and enterprise infrastructure
· Analyze vulnerabilities and support development of remediation recommendations
· Support cloud compliance scans and assessment activities
· Troubleshoot scan issues and support maintenance of vulnerability scanning tools, consoles, and configurations
· Support automated and scheduled scanning activities, including scan planning, execution, and reporting
· Support ad hoc or emergency vulnerability scanning in support of incident investigation and response activities
· Create and maintain scan reports, data feeds, scan policies, repositories, and user access/roles for assessment tools
· Support API discovery and scanning, and integration of assessment data into third-party tools
· Coordinate with cyber defense engineering and system teams to support tool operations, testing, and vulnerability management activities
Qualifications
· Experience:
Three (3) to five (5) years of security-related experience
Experience with operating system, database, and web application vulnerability scanning
Experience supporting cloud compliance scanning
Experience troubleshooting vulnerability scan tools and scan configurations
Experience with automation supporting vulnerability assessment operations
Experience supporting Information System Vulnerability Management (ISVM) scans and compliance activities
Experience with API discovery and security scanning
· Education:
Bachelor's Degree
Clearance/Suitability : Secret (eligible)
Additional Information
Work Environment
Normal office conditions with potential to perform duties in deployed locations.
Core hours of operation are Monday through Friday, 0600 - 1700.
May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason.
SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.
- cFocus Software Incorporated is seeking a Vulnerability Analyst II in Washington, D.C. The role involves providing cybersecurity risk, vulnerability management, and compliance support, including vulnerability assessments and remediation recommendations. Candidates should...Risk
- Vulnerability Analyst II Position Title: Vulnerability Analyst II Program: SBA Enterprise Cybersecurity Services (ECS) Position Summary The Vulnerability Analyst II provides cybersecurity risk, vulnerability management, and compliance support services in alignment with...Risk
$140.5k - $210.5k
Sr. Cybersecurity Analyst II (Sr Vulnerability Analyst) - Information Technology Primary Location: DC‑Washington Employee Status: Regular Overtime... ...and compromises; author project plans, schedules, and risk assessments. Qualifications Minimum Education: Bachelor’s...RiskWork at officeRelocation- ...True Zero Vulnerability Management Position True Zero Technologies, a veteran-owned small business, was founded on the principle that... ...on-site scanning as required. Analyze findings, prioritize risk, and track remediation progress. Troubleshoot scanning issues...RiskWork at office
True Zero Technologies, LLC
Washington DC19 hours ago $140.5k - $210k
...adequately protected. Able to characterize and manage complex risks to mitigate cyber threats. With limited guidance, proactively... ...containment, eradication, and remediation. Oversees implementation of vulnerability scans and ensures operational systems are adequately patched...RiskFull timeWork at office- Watermark Risk Management International is looking for an Information Systems Security Officer II in Washington, DC. The role involves maintaining security for government programs, ensuring compliance, and managing documentation associated with security authorizations....Risk
$97.24k - $118.56k
...Small Business specializing in security and risk management. We are deeply familiar with... .... Information Systems Security Officer II The ISSO is responsible for maintaining the... ...plans. Identify cyber security vulnerabilities and assist with implementation of countermeasures...RiskHourly payContract workFor contractorsWork experience placementLocal area$114.94k - $138.48k
...IT Security Specialist II – Security Operations & Compliance GAMA-1 Technologies... ...scanning and monitoring tools to identify vulnerabilities and monitor system security. Collect,... ...and timely resolution of identified risks. Maintain awareness of evolving cybersecurity...RiskFull timeContract workWork experience placementWork at officeRemote workOverseas1 day per weekGAMA-1 Technologies
Washington DC2 days ago- ...Information System Security Manager (ISSM) II to oversee and manage the implementation... ...posture of information systems, managing risk, and maintaining compliance with... ...Monitor system security posture and respond to vulnerabilities, incidents, and threats Coordinate security...Risk
Provato HR
Washington DCa month ago $151.5k - $155k
...Information System Security Manager (ISSM) II Security Clearance: TS/SCI (Must be... ...guidelines of network security, based upon the Risk Management Framework (RMF) with emphasis... ...have been taken when an incident or vulnerability has been discovered within a system Ensure...RiskFull timeWork at officeLocal areaAmatriot Group, LLC
Arlington, VA3 days ago- ...The Cyber Security Specialist II/III supports cybersecurity engineering and compliance... ...monitor security posture, and remediate vulnerabilities across supported systems. This position is... ...security control implementation and risk reduction. - Active DoD Secret clearance...RiskWork at office
Warrant Technologies LLC
Washington DC3 days ago $88k - $140k
Affirm is seeking a Compliance Analyst II in Washington, D.C. to support its compliance governance program. The Analyst will review and challenge... ...adherence. Required are 3 to 5+ years in compliance or risk management within financial services, strong analytical skills,...RiskRemote job- ...reporting of cyber security systems and the Risk Management Framework (RMF) accreditation... ...in the Service RMF tool, remediation of vulnerabilities, and training of military staff in... ...professional certification at the DoD IAT II or above level ~8+ years' experience in...RiskFull timeFor contractorsCasual workWork at officeRemote workWorldwide
FGS
Suitland, MD19 hours ago - Redtracetech is looking for an Information System Security Officer (ISSO) II based in Washington, D.C. The successful candidate will ensure... ..., a Top Secret Clearance with SCI eligibility, and strong knowledge of the Risk Management Framework. #J-18808-Ljbffr RedtracetechRisk
$95k - $112k
...assess the security of customer systems. Identify vulnerabilities and develop recommended remediations to satisfy... ...(GXPN) Zero Point Security Red Team Ops II Advanced understanding of the following: NIST Risk Management Framework (RMF) and the Assessment and...RiskContract workRemote workSkyePoint Decisions
Arlington, VA3 days ago- A security services company is hiring a Security Specialist II - Risk Assessment Specialist in Washington, DC. This full-time role requires managing the Position Description database, conducting Risk Designation assessments, and maintaining accurate contractor information...RiskFull timeFor contractors
$110.39k - $172.66k
...functions including but not limited to; scheduling, estimating, cost control, risk management, document control and project management information systems. The Project Controls Specialist II reports on cost controls and schedules for projects involving cost and schedule...RiskFor contractorsHNTB
Alexandria, VA3 days ago- Booz Allen Hamilton is seeking a Vulnerability Analyst in Washington, DC to enhance the security posture of government infrastructure. In this... ...and Qualys to conduct scans, analyze threats, and mitigate risks effectively. Your responsibilities include providing technical...Risk
- ...Secretary Level II (Contract Contingent) ProSidian is a Management and Operations Consulting Services Firm focusing on providing value... ...practices. ProSidian services focus on the broad spectrum of Risk Management, Compliance, Business Process, IT Effectiveness, Energy...RiskFull timeContract workTemporary workFor contractorsWork at officeImmediate startFlexible hours
- ...Information System Security Engineer II (ISSE II) Athena Technology Group, Inc. (... ...will support cybersecurity engineering and Risk Management Framework (RMF) activities,... ...implementation and validation of security controls, vulnerability management, and continuous monitoring...RiskContract workTemporary workWork at office
ATG
Arlington, VA3 days ago - Overview Vulnerability Analyst — The Opportunity: As a vulnerability analyst, you’re in the middle of the action, responding to and mitigating... ...based on exploitability, threat intelligence, and business risk. Coordinate with system owners and administrators to track and...Risk
- cFocus Software seeks a Vulnerability Management Analyst to join our program supporting the Federal Communications Commission (FCC). This position is... ...in vulnerability management, cybersecurity operations, or risk/compliance support. Experience working in enterprise environments...RiskRemote work
$110.39k - $172.66k
...functions including but not limited to; scheduling, estimating, cost control, risk management, document control and project management information systems. The Project Controls Specialist II reports on cost controls and schedules for projects involving cost and schedule...RiskFull timePart timeFor contractorsWork at officeLocal areaImmediate startHNTB
Washington DC4 days ago$60k - $180k
...Penetration Tester II Chandler, AZ or Washington, DC - Secret clearance required M9 Solutions is dedicated to providing IT services and solutions to the Federal Government by mobilizing the right people, skills, clearance levels, and technologies to help organizations...Contract workM9 Solutions
Washington DC4 days ago- cFocus Software Incorporated is looking for a Vulnerability Management Analyst to support the Federal Communications Commission (FCC). This remote position... ...vulnerability scanning, analyzing results, providing risk assessments, and managing remediation efforts. Candidates...RiskRemote job
$80k - $128k
A leading national security company is seeking a Risk and Vulnerability Analyst to support the Security Operations Center by identifying and analyzing vulnerabilities and risks. This position requires a Bachelor's degree in Cybersecurity or similar, at least 2 years in...Risk- ...Cyber Systems Engineer II Location: Arlington, VA (On-Site) Citizenship: US only... ...including configuration management (CM), risk management, quality assurance (QA), etc.... ...Platform Experience with system vulnerability assessments Knowledge of Linux/Unix and...RiskContract workFor contractors
Argo Cyber Systems
Arlington, VA2 days ago - ...Description POSITION SUMMARY: CODICE seeks a highly skilled Senior Vulnerability Code Analyst specializing in Ruby-on-Rails to join our team. This role... ...tools to identify potential vulnerabilities and security risks. Conduct threat modeling and risk assessments for new and...Risk
$135k - $197k
...Financial Consulting Manager I, II, and III Salary Range $135,000 - $197,000 Empirical is looking to hire a motivated Financial... ...mission operations; internal control program, assessment, and risk management; and financial transformation and innovation, including...RiskWork experience placementEmpirical
Washington DC3 days ago- ...Base in Albuquerque, New Mexico. Cyber System Administrator (Vulnerability Analyst) supports the Distributed Mission Operations Center (DMOC)... ...POA&M reviews, providing input on vulnerability timelines, risk justifications, and fix‑action feasibility. Provide timely...RiskFull timeContract workPart timeLocal areaRemote workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Risk and Vulnerability Analyst II. Be the first to apply!
- it risk analyst Washington DC
- risk officer Washington DC
- risk compliance officer Washington DC
- junior risk analyst Washington DC
- information risk analyst Washington DC
- third party risk analyst Washington DC
- governance risk & compliance analyst Washington DC
- risk analyst Washington DC
- transaction risk analyst Washington DC
- operational risk consultant Washington DC