Senior Vulnerability Management Analyst (Austin)
Luna Data Solutions, Inc., Austin, TX, United States
We are seeking a Vulnerability Management & Remediation Coordination Lead role in Austin, TX, for a long-term contract.
Remote - TX preferred
DESCRIPTION
Vulnerability Inventory and Baseline Establishment
1. Review the Agency’s existing vulnerability data, including vulnerabilities identified through scanning, assessments, or other security tools.
2. Establish and maintain a consolidated vulnerability baseline.
3. Develop and document a remediation timeline for all identified vulnerabilities, reflecting current risk posture and aging.
Risk Classification and Prioritization
1. Ensure that vulnerabilities are categorized and prioritized based on risk, severity, exploitability, and potential impact to Agency operations.
2. Align vulnerability classification and prioritization to applicable NIST guidance.
3. Validate that remediation timeframes align with Agency established expectations for different vulnerability risk levels.
Remediation Coordination and Communication
1. Coordinate remediation activities with system, server, and application owners.
2. Communicate clear remediation expectations, risk context, and required timelines to responsible parties.
3. Track remediation progress and identify blockers, dependencies, or delays impacting closure.
4. Escalate overdue, high risk, or critical vulnerabilities to appropriate Agency governance or oversight bodies, in accordance with Agency processes.
Tracking, Metrics, and Reporting
1. Maintain ongoing tracking of vulnerability remediation status.
2. Produce periodic status reports summarizing.
Validation and Closure
1. Validate remediation actions through available evidence, including vulnerability scan results or other supporting artifacts.
2. Confirm closure of vulnerabilities in tracking systems once remediation is completed and validated.
3. Ensure vulnerabilities that cannot be remediated within required timeframes are formally documented and supported by approved risk acceptance or exception documentation, in accordance with Agency policy.
Program Improvement Support
1. Identify process gaps, systemic issues, or control weaknesses affecting vulnerability remediation effectiveness.
2. Provide recommendations for improving vulnerability remediation processes and accountability, aligned with NIST standards and Agency governance requirements.
Required Skills:
8 years of experience in Vulnerability Inventory and Baseline Establishment
8 years of experience in Risk Classification and Prioritization
8 years of experience in tracking vulnerability remediation
8 years of experience in producing status reports
8 years of experience in validating remediation actions through available evidence, including vulnerability scan results
What We Offer
Work on a highly innovative team with cutting-edge technology
Great opportunity to make a big impact and take ownership of technology initiatives
Altruistic work
Competitive compensation and benefits including health, dental, vision, life and accident insurance, short-term disability insurance, and more!
Luna Data Solutions, Inc. (LDS) provides equal employment opportunities to all employees. All applicants will be considered for employment. LDS prohibits discrimination and harassment of any type regarding age, race, color, religion, sexual orientation, gender identity, sex, national origin, genetics, protected veteran status, and/or disability status.
Remote - TX preferred
DESCRIPTION
Vulnerability Inventory and Baseline Establishment
1. Review the Agency’s existing vulnerability data, including vulnerabilities identified through scanning, assessments, or other security tools.
2. Establish and maintain a consolidated vulnerability baseline.
3. Develop and document a remediation timeline for all identified vulnerabilities, reflecting current risk posture and aging.
Risk Classification and Prioritization
1. Ensure that vulnerabilities are categorized and prioritized based on risk, severity, exploitability, and potential impact to Agency operations.
2. Align vulnerability classification and prioritization to applicable NIST guidance.
3. Validate that remediation timeframes align with Agency established expectations for different vulnerability risk levels.
Remediation Coordination and Communication
1. Coordinate remediation activities with system, server, and application owners.
2. Communicate clear remediation expectations, risk context, and required timelines to responsible parties.
3. Track remediation progress and identify blockers, dependencies, or delays impacting closure.
4. Escalate overdue, high risk, or critical vulnerabilities to appropriate Agency governance or oversight bodies, in accordance with Agency processes.
Tracking, Metrics, and Reporting
1. Maintain ongoing tracking of vulnerability remediation status.
2. Produce periodic status reports summarizing.
Validation and Closure
1. Validate remediation actions through available evidence, including vulnerability scan results or other supporting artifacts.
2. Confirm closure of vulnerabilities in tracking systems once remediation is completed and validated.
3. Ensure vulnerabilities that cannot be remediated within required timeframes are formally documented and supported by approved risk acceptance or exception documentation, in accordance with Agency policy.
Program Improvement Support
1. Identify process gaps, systemic issues, or control weaknesses affecting vulnerability remediation effectiveness.
2. Provide recommendations for improving vulnerability remediation processes and accountability, aligned with NIST standards and Agency governance requirements.
Required Skills:
8 years of experience in Vulnerability Inventory and Baseline Establishment
8 years of experience in Risk Classification and Prioritization
8 years of experience in tracking vulnerability remediation
8 years of experience in producing status reports
8 years of experience in validating remediation actions through available evidence, including vulnerability scan results
What We Offer
Work on a highly innovative team with cutting-edge technology
Great opportunity to make a big impact and take ownership of technology initiatives
Altruistic work
Competitive compensation and benefits including health, dental, vision, life and accident insurance, short-term disability insurance, and more!
Luna Data Solutions, Inc. (LDS) provides equal employment opportunities to all employees. All applicants will be considered for employment. LDS prohibits discrimination and harassment of any type regarding age, race, color, religion, sexual orientation, gender identity, sex, national origin, genetics, protected veteran status, and/or disability status.