Vulnerability Management Analyst

Job Title: Vulnerability Management Analyst                                              
Location:  Sterling, Virginia                                                
Salary: DOE full benefits
Clearance: Active Public Trust (or ability to obtain)

Company Overview:
TechSur Solutions is a digital services company whose mission is to enable digital transformation for our customers, improving quality and efficiency. Based in the DC metropolitan area, TechSur specializes in advanced cloud services, modernization for both IT structures and applications, leveraging Agile development, and data analytics. Since we were formed in August of 2016, we have supported multiple impactful and exciting government programs.

Job Overview
We are seeking a detail-oriented Vulnerability Management Analyst to oversee the identification, assessment, and remediation of security vulnerabilities across our IT infrastructure. The ideal candidate will be responsible for executing vulnerability scans, analyzing security threats, and working closely with IT teams to mitigate risks. This role is critical in strengthening our cybersecurity posture and ensuring compliance with security standards.

Job Responsibilities
•    Conduct regular vulnerability scans on networks, applications, and systems using tools like Qualys, Nessus, Rapid7, or OpenVAS.
•    Analyze scan results, prioritize vulnerabilities based on risk impact, and generate remediation reports.
•    Collaborate with IT and security teams to implement patches, configuration changes, and risk mitigation strategies.
•    Track and validate remediation efforts to ensure vulnerabilities are properly addressed.
•    Stay updated on the latest cybersecurity threats, vulnerabilities, and exploits.
•    Assess zero-day vulnerabilities and coordinate response strategies with security teams.
•    Utilize MITRE ATT&CK, CVSS, and NIST frameworks to assess vulnerability severity and risk impact.
•    Ensure vulnerability management aligns with industry standards such as NIST, CIS, ISO 27001, PCI-DSS, HIPAA, and SOC 2.
•    Assist in security audits, risk assessments, and compliance reporting.
•    Develop and maintain vulnerability management policies, procedures, and documentation.

Required Skills/Work Experience
•    5-7 years of experience
•    Analyze and define security requirements for MLS issues. 
•    Design, develop, engineer, and implement solutions to MLS requirements. 
•    Guide effort to gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs in the MLS arena. 
•    Perform risk analyses which also includes risk assessment. 
•    Develop security standards.

Education
•    Bachelor’s degree in computer science, information science, or related field