Job Description

Job Title: Vulnerability Analyst

Location: WASHINGTON, DC, United States

Clearance Level Must Be Able to Obtain: Public Trust

Potential for Remote Work: Hybrid Remote – 3 days on-site

Description

• TRiNET Technologies LLC is seeking a Vulnerability Analyst to support a critical U.S.
• government agency in the National Capital Region. This role offers an exciting
• opportunity to lead and contribute to vulnerability management activities, risk
• assessments, and security compliance initiatives across hybrid environments. The
• analyst will play a key role in identifying, analyzing, and tracking vulnerabilities using
• industry-standard tools and processes.
• The ideal candidate will have a strong understanding of cybersecurity principles and
• hands-on experience with vulnerability scanning tools such as Nessus, Tenable Security
• Center, Tenable.IO, Qualys WAS, or NMAP. This role involves executing complex
• scans, correlating and analyzing results, coordinating remediation efforts, and
• supporting compliance reporting. The analyst will work closely with stakeholders across
• IT, security engineering, and compliance teams to improve the agency’s security
• posture.

Key Responsibilities:

• Plan and perform vulnerability scans and assessments across on-premises,
• hybrid, and cloud environments.
• Lead scanning activities for servers, endpoints, applications, and cloud
• infrastructure using tools such as Nessus, Security Center, Tenable.IO, Qualys WAS, and NMAP.

• Analyze and validate scan results, correlate findings, and determine severity and risk impact to prioritize remediation efforts.
• Collaborate with remediation teams, system owners, and senior security staff to track and resolve identified vulnerabilities.
• Monitor and tune scan configurations, troubleshoot scan failures, and recommend optimizations for improved coverage and performance.
• Maintain and update vulnerability tracking systems, dashboards, and compliance
• reports using tools like ServiceNow, SharePoint, Microsoft SQL, and PowerBI.
• Develop reports, briefs, and metrics to communicate vulnerability status, remediation progress, and compliance standing to leadership.
• Assist in refining policies, procedures, and workflows related to vulnerability management, security operations, and continuous monitoring.
• Stay up to date on emerging vulnerabilities, CVEs, threat intelligence, and best practices to proactively identify risk areas and improve security controls.

Qualifications & Experience:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field. An additional 2 years of experience may be substituted for a degree.
• 3–5 years of experience in cybersecurity, vulnerability management, or security

operations.

• Hands-on experience with vulnerability scanning tools (e.g., Tenable products Qualys, or NMAP) and interpreting technical scan results.
• Familiarity with patch management processes, vulnerability remediation, and risk prioritization frameworks (e.g., CVSS, CISA KEV, etc.).
• Demonstrated experience supporting vulnerability lifecycle tracking and reporting using platforms such as ServiceNow, SharePoint, or PowerBI.
• Strong understanding of cybersecurity frameworks (e.g., NIST 800-53, NIST CSF) and basic compliance requirements.

Job Tags

Similar Jobs