Job Description

We are seeking a detail-oriented and collaborative Information Security Analyst to support and coordinate enterprise vulnerability management and security testing initiatives. This role is a key member of the Information Security team, working closely with senior security engineers and partnering with IT, infrastructure, application, and engineering teams to plan testing activities, track findings, and drive remediation efforts.

• Collaborate with cross-functional teams to coordinate testing times and change management processes
• Partner with the Vulnerability Management Engineer to support the execution of the vulnerability management program
• Knowledge of vulnerability management tools such as Rapid7 InsightVM, Qualys, CrowdStrike, or Tenable
• Organize testing schedules and ensure appropriate stakeholders are informed and engaged
• Track, document, and report on vulnerability findings and remediation progress
• Facilitate communication between security, IT, and application teams to ensure timely risk reduction
• Maintain testing and remediation records within established security tools and processes
• Support continuous improvement of vulnerability and testing workflows
• Stay informed on emerging vulnerabilities, exploits, and remediation techniques.
• Participate in periodic audits, assessments, and compliance reporting as needed.

Required Qualifications:

• Experience in information security, project management, vulnerability management, risk management, or IT operations
• Strong organizational and communication skills with the ability to work across multiple teams
• Familiarity with vulnerability scanning, security testing, or remediation tracking concepts
• Process-oriented mindset with attention to detail
• Ability to translate technical findings into clear, actionable deliverables
• Familiarity with NIST 800-40 Rev.4 or relevant vulnerability management experience
• Strong attention to detail, organizational skills, and ability to follow structured processes.
• Effective communication skills for working with technical and non-technical stakeholders.
• Associate or bachelor’s degree in information security, Computer Science, or related field (or equivalent experience).

Preferred Qualifications:

• Experience with scripting or automation (e.g., Python, PowerShell) to support VM tasks.
• Exposure to ITSM tools (e.g., ServiceNow, Jira) for tracking remediation.
• Security certifications such as Security+, CEH, or vendor-specific credentials.
• Familiarity with compliance frameworks (e.g., NIST, CIS, ISO 27001).