USAA

Securance Consulting is a national cybersecurity consulting firm that helps private and public-sector organizations manage technology risks and threats, improve their security defenses, and achieve regulatory compliance. We are looking for a security professional (Vulnerability Management Analyst) to support our client’s cybersecurity team in Houston, Texas. This is a full-time contract role that will require 40 hours a week of onsite work for an initial period of six months. The successful candidate may be offered a permanent full-time position after the initial evaluation period.

Position Summary
The Vulnerability Management Analyst will be a key member of our client’s cybersecurity team, responsible for protecting the organization's assets by identifying, assessing, and prioritizing security vulnerabilities. This role will be heavily involved in the end-to-end vulnerability management lifecycle, from conducting regular vulnerability scans to ensuring timely patch deployment and risk remediation.

Responsibilities

• Vulnerability Scanning and Analysis: Conduct routine and ad-hoc vulnerability scans of network infrastructure, applications, cloud environments, and other IT assets using tools such as Qualys, Nessus, and Rapid7.
• Risk Scoring and Prioritization: Analyze scan results to prioritize vulnerabilities based on severity, exploitability, and potential impact to the business. Utilize risk-based frameworks (e.g., CVSS, EPSS) to score and prioritize vulnerabilities effectively.
• Patch and Remediation Management: Coordinate the remediation process with system and application owners across the organization. Track remediation activities.
• Reporting and Metrics: Develop and present clear, actionable reports and dashboards to technical teams, management, and executive leadership.
• Incident Response Support: Assist the incident response team during major security events by providing rapid vulnerability analysis and mitigation guidance.
• Continuous Improvement: Identify and evaluate new tools, techniques, and processes to enhance the efficiency and effectiveness of the vulnerability management program.
• Collaboration and Communication: Act as a central point of contact for vulnerability-related issues, fostering strong relationships with cross-functional teams to drive risk reduction.
• Policy and Compliance: Contribute to the development and maintenance of vulnerability management policies and procedures, ensuring compliance with NIST and other industry standards.

Qualifications

• Education: Associate’s degree in Computer Science, Management and Information Systems, Business, or a related field, or equivalent experience. Technical certifications may be substituted for an Associate’s degree.
• Experience: At least two years of experience working in IT security or supporting the security aspects of infrastructure and application teams’ operations. Experience working in law enforcement is highly desirable.
• Hands-on experience with vulnerability scanning platforms (e.g., Qualys, Tenable, Rapid7).
• Strong understanding of security frameworks and standards (e.g., NIST, CVSS).
• Proficiency in scripting languages like Python or PowerShell for automation is a plus.
• Familiarity with patch management processes for various operating systems (Windows, Linux) and applications.
• Certifications: One or more professional certifications, such as CompTIA Security+, CompTIA Cybersecurity Analyst + (CySA+), or GIAC Security Essentials (GSEC).
• Soft Skills: Strong analytical, problem-solving, and communication skills, with the ability to convey technical risks to non-technical stakeholders.

Job Type: Contract

Pay: $55,000.00 - $85,000.00 per year

Application Question(s):

• Are you a United States citizen?

Location:

• Houston, TX 77002 (Required)

Ability to Commute:

• Houston, TX 77002 (Required)

Work Location: In person