← All Jobs
Posted May 18, 2026

Cybersecurity Vulnerability Analyst

Apply Now
Summary: The Cybersecurity Operations Vulnerability Analyst is responsible for configuring, executing, analyzing, and reporting all aspects of the firm’s Vulnerability Management program. Reporting to the Director of Cybersecurity Operations, this role will be responsible for the daily execution of vulnerability scans on premise and in the cloud, consolidation of scanning results, and coordination with functional stakeholders to remediate findings. This role will serve as the analytical focal point for the firm’s vulnerability management program. Duties & Responsibilities: • Leverage threat intelligence feeds and vulnerability management tools to identify vulnerabilities across endpoints, servers, and applications and triage assessments based on likelihood and impact of vulnerability information on the Covington environment. • Collaborate with internal business units throughout the vulnerability management lifecycle. • Apply foundational cybersecurity and networking knowledge to analyze risk and support security operations, including understanding common vulnerability types, attack lifecycles and tactics, and core networking concepts such as protocols, services, and attack techniques. Leverage awareness of compensating controls, layered defenses, and the broader threat landscape to contextualize vulnerabilities, assess potential impact, and support informed remediation. • Apply foundational risk management concepts to assess and contextualize security issues, including understanding risk terminology, risk appetite, attack surface, and risk treatment options. Evaluate vulnerabilities using likelihood and impact considerations, apply threat modeling concepts to understand potential attack paths, and support informed risk based decision making across security operations and remediation efforts. • Leverage internal ticketing and communication systems to manage and track security related work, ensuring accurate documentation, clear timelines, and adherence to remediation SLAs, while maintaining situational awareness, applying appropriate follow up cadence, and escalating emerging risks or threats to leadership with clear articulation of impact and urgency through professional and timely communication. • Apply sound judgment and attention to detail to assess security issues, prioritize work, communicate clearly and professionally, maintain situational awareness of threat activity, and contribute collaboratively while demonstrating initiative and flexibility. • Follow and maintain documented procedures, stay current on policies and tooling, identify and document process gaps, contribute to VM program documentation, and support operations through accurate metric reporting as needed. • Follow change management and patch management lifecycles. • Leverage internal CMDB and other asset tracking solutions to map vulnerabilities and triage efforts. • Perform additional duties as appropriate to support the CISO-org. • Uphold high standards of confidentiality, discretion, and integrity, particularly with respect to all sensitive and/or confidential firm and client information to which this position will have access. Qualifications: • Minimum of 3 years’ experience as a Vulnerability Analyst OR minimum of 5 years’ experience in Information Security, Penetration/Offensive testing, and/or Cybersecurity professional role with core responsibilities in Vulnerability Management. • Communicates clearly and professionally in both written and verbal contexts and shows intellectual curiosity by identifying knowledge gaps and pursuing deeper understanding. • Demonstrates critical thinking and analytical skills, with the ability to independently assess situations, apply investigative methods, and draw reasonable conclusions. • Exhibits strong attention to detail when working with tickets and complex or technical information, paired with effective time management and task prioritization. • Works collaboratively within a team environment, contributes to shared problem solving and knowledge sharing, and demonstrates flexibility. • Knowledge of common vulnerability types such as CVEs, End-of-life/Support, misconfiguration, design flaws, supply chain and dependencies, architectural, administrative, and human vulnerability. • Hands-on experience with vulnerability scanners. • Knowledge and use of risk assessment frameworks such as OCTAVE preferred. • Bachelor’s degree in computer science, information systems, cybersecurity or related field optional. • GIAC, ISACA, CompTIA, and/or ISC2 technical certifications are preferred. • Position requires access to equipment, software, or technology that is subject to U.S. export controls. To be granted access pursuant to US Export Control laws, candidate must be either ( Apply tot his job Apply To this Job
Apply Now

More Technology Jobs

Cybersecurity Certification & Accreditation Analyst Lead (59788)May 25, 2026Work From Home – Business Outreach Rep (Flexible + Daily Cash Bonuses)May 16, 2026W2 Agile Scaled Scrum Master - EST Hours only max with fulltime job and no contract jobMay 15, 2026Cyber Security PrincipalMay 19, 2026OT Cybersecurity (No C2c)May 16, 2026Cybersecurity Threat Hunter (Data Scientist)May 18, 2026IT Operations & Cybersecurity ManagerMay 10, 2026Cybersecurity Professionals for AI ProjectMay 16, 2026**Experienced Customer Service Representative – Work From Home Opportunity at arenaflex**May 14, 2026Technical Service SpecialistMay 13, 2026**Experienced Patient Screeners/Customer Service Representative – UHealth Campus**May 13, 2026**Experienced Data Entry Specialist – Remote Opportunity with arenaflex**May 27, 2026Mobile Notary Signature Sleuth Oakland, CAMay 10, 2026Information Security Operations ManagerMay 13, 2026Data Loss Prevention (DLP) Cybersecurity Engineer Remote Secret or Top SecretMay 11, 2026