Vulnerability Analyst

Job Description

Role: Vulnerability Mgmt Analyst Location: Remote Work timing: UK Hours \ US Hours Overview: We are seeking a detail-oriented and highly skilled Vulnerability Management Analyst to join our cybersecurity team. The successful candidate will be responsible for identifying, analyzing, prioritizing, and remediating vulnerabilities across the organizations IT assets. The role involves leveraging industry-standard tools like Qualys , Tenable Nessus , Rapid7 , and integrating findings into ServiceNow SecOps for streamlined remediation. Key Responsibilities: Perform regular vulnerability scans using tools such as Qualys , Tenable Nessus , and Rapid7 InsightVM . Analyze scan results to identify true positives, prioritize findings based on risk and criticality, and recommend remediation actions. Collaborate with IT infrastructure, application, and network teams to ensure timely patching and mitigation of identified vulnerabilities. Integrate vulnerability data into ServiceNow Security Operations (SecOps) for incident tracking and response coordination. Monitor vulnerability trends and provide risk insights to leadership. Support compliance initiatives and audits by providing reports and evidence of remediation efforts. Maintain documentation for vulnerability management procedures and policies. Assist in developing and improving vulnerability management workflows, processes, and automation. Required Skills & Experience: 3+ years of hands-on experience in vulnerability management or related cybersecurity roles. Strong expertise in using Qualys , Tenable Nessus , Rapid7 InsightVM , or equivalent tools. Familiarity with ServiceNow SecOps or other security orchestration and response platforms. Solid understanding of TCP/IP, operating systems (Windows, Linux), and common network services. Experience with CVSS scoring and vulnerability remediation prioritization. Ability to communicate technical issues to both technical and non-technical audiences. Preferred Certifications (at least one required): CompTIA Security+ CompTIA CySA+ GIAC Enterprise Vulnerability Assessor (GEVA) Nice to Have: Knowledge of regulatory and compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS). Familiarity with scripting (Python, PowerShell) for automation of scanning and reporting tasks. Exposure to SIEM platforms and incident response procedures. Education: Bachelors degree in Information Security, Computer Science, or a related field (or equivalent practical experience). Thanks & Regards: Kanika Katiyar Associate Recruiter Email: kkatiyar@fcsltd.com FCS Software Solutions Limited https://www.fcsltd.com