CrawlJobs Logo

Senior Vulnerability Management Analyst (Risk, Remediation, Reporting)

dutechsystems.com Logo

Dutech Systems

Location Icon

Location:
United States , Austin

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking an experienced Senior Vulnerability Management Analyst to lead vulnerability tracking, risk prioritization, and remediation validation across enterprise environments. The ideal candidate will have strong expertise in vulnerability lifecycle management, risk assessment, and reporting, ensuring timely resolution of security risks and compliance with organizational standards.

Job Responsibility:

  • Establish and maintain vulnerability inventory and baseline across systems and applications
  • perform risk classification and prioritization of identified vulnerabilities
  • track and manage vulnerability remediation efforts across teams
  • validate remediation actions using scan results and supporting evidence
  • generate and deliver status reports, dashboards, and metrics for stakeholders
  • collaborate with IT, security, and application teams to ensure timely resolution
  • monitor compliance with security policies and remediation SLAs
  • identify trends and provide recommendations to improve security posture
  • support audits and ensure proper documentation of vulnerability management processes

Requirements:

  • 8+ years of experience in vulnerability management or cybersecurity
  • strong experience with vulnerability inventory, tracking, and remediation processes
  • expertise in risk classification and prioritization methodologies
  • experience validating remediation using vulnerability scan tools and reports
  • strong reporting and documentation skills
  • ability to work independently and manage multiple priorities

Nice to have:

  • Experience with enterprise vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7)
  • knowledge of security frameworks (NIST, ISO 27001, CIS)
  • experience working in large-scale enterprise environments
  • relevant certifications (e.g., CISSP, CEH, Security+)

Additional Information:

Job Posted:
May 04, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Dutech Systems - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
PREMIUM
More languages and countries
+ Unlock 31694 hidden job offers
Languages
English Čeština Deutsch Ελληνικά Español Français +15
Countries
United States United Kingdom India Canada Australia +
See plans
Plans from $2.99 / month

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Vulnerability Management Analyst (Risk, Remediation, Reporting)

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Junior IT Risk Analyst

The IT Risk Analyst, based in Barcelona, plays a key role in supporting excellen...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Mathematics, Statistics, Computer Science, Engineering, Business, or related field
  • 1-2 years of experience in IT risk management, IT audit, IT Consultancy, IT Advisory or a related field
  • Basic understanding of IT Governance and IT Risk Management Frameworks (e.g., COBIT2019, ISO27001, ISF, etc.)
  • Basic understanding of regulatory requirements (e.g., DORA, GDPR, etc.)
  • Strong analytical and problem-solving skills
  • Fluent in English
  • German is a plus.
Job Responsibility
Job Responsibility
  • Assist in conducting regular risk assessments to identify potential IT threats and vulnerabilities
  • Help in analyzing the impact and likelihood of risks
  • Gather and analyze data related to IT risks, incidents, and controls
  • Prepare reports and presentations for senior management
  • Support the monitoring of adherence to Group Risk policies and standards
  • Assist in ensuring transparent and effective identification of IT risks and respective remediation plans
  • Maintain detailed records of risk assessments, mitigation plans, and incidents
  • Assist in preparing quarterly and ad-hoc reports on the internal control system with a focus on IT processes
  • Work closely with other departments, such as IT, legal, compliance, and business units, to support a holistic approach to risk management
  • Assist in regular and ad-hoc touchpoints with Operating Entities
What we offer
What we offer
  • Hybrid work model with up to 25 days per year working from abroad
  • Company bonus scheme
  • Pension benefits
  • Employee shares program
  • Multiple employee discounts
  • Career development and digital learning programs
  • International career mobility
  • Flexible working
  • Health and wellbeing offers, including healthcare and parental leave benefits.
  • Fulltime
Read More
Arrow Right

Engineering Lead Analyst

This is a key role in Tech risk remediation and related to Cybersecurity vulnera...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10-12 years of relevant experience in the Financial Service industry
  • Experience as Applications Development Manager
  • Experience as senior level in an Applications Development role
  • Deep Understanding of programming language Java, Python, Databases Oracle, MS SQL, Mongodb and software design principles
  • Stakeholder and people management experience and excellent communication skills
  • Demonstrated leadership skills
  • Proven project management skills
  • Basic knowledge of industry practices and standards
  • Consistently demonstrates clear and concise written and verbal communication
Job Responsibility
Job Responsibility
  • Provide technology solutions and automation for Tech risk remediation related to Cybersecurity vulnerabilities across wealth Tech
  • Oversee the framework of risk remediation, implementing solutions to bring down open vulnerabilities related to cybersecurity, VTM, Third party software, data base, Component Vulnerabilities, Static Build Testing, Container vulnerabilities, Cryptographic/Ciphers etc
  • Work automation of cyber security risk to bring efficiency and standardization
  • In collaboration with CTI, IS, IT Teams, and Risk and control, create integrated risk mitigation execution approach for work areas of Application Framework, OS, Middleware, Messaging, Virtualization, Databases
  • Ensure transparency and accountability by regular risk reporting to senior management
  • Manage operational tasks, such as risk identification and remediation, and provide mentorship to internal teams
  • Manage challenges of Security vulnerabilities and breaches, third party risks and regulatory changes
  • Manage Audit Cycles, Technology patches and upgrades
  • Contribute to applications systems analysis and programming activities including feasibility studies, time and cost estimates, IT planning, risk technology, applications development, model development
  • Monitor and control all phases of development process and analysis, design, construction, testing, and implementation
  • Fulltime
Read More
Arrow Right

External Security Certifications Analyst

We are seeking an experienced ISO27001 auditor to join our globally expanding Ex...
Location
Location
United Kingdom , Northampton; Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • ISMS ISO27001 Internal Auditor – Ability to plan, deliver and report on an Information Security Management System internal continual assessment of a site location, function or process
  • Understanding of technical requirements and passing criteria as laid down by the UK National Cyber Security Centre for Cyber Essentials Plus
  • Understanding of technical requirements and passing criteria for BSI Kitemark certifications
Job Responsibility
Job Responsibility
  • Allocation of the correct risk rating and remediation prioritisation to a vulnerability based on industry standards for assessment, available threat intelligence concerning exploitation, the reachability of the host (or asset) and the value of the service(s) running on the impacted host
  • Development of vulnerability management operating model, policies and procedures to ensure consistency in vulnerability identification, remediation and reporting. Element owner of the Vulnerability Management Standard including Issues Management and Regulatory alignment
  • Communication of vulnerabilities to relevant parties including senior stakeholders, vendors, external security partners and affect business units using reports and dashboards and provide recommendations for improvement in vulnerability management practices
  • Collaboration with Threat intelligence and Cyber Operations teams to assess and contextualise exposure to latest threat trends and exploits and set appropriate remediation timescales
  • Definition of requirements and acceptance criteria for the implementation and maintenance of automation tools to streamline vulnerability management processes within operating systems and applications
  • Reporting of remediation status of Security Assurance Specialist team findings against Key Risk Indicators
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Cross-disciplinary Controls Sr. Lead Analyst

This role involves managing operational risk and control processes with a strong...
Location
Location
Colombia , Bogotá
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of experience in operational risk management, compliance, audit, or other control-related functions in the financial services industry
  • Ability to identify, measure, and manage key risks and controls
  • Track record leading Control related projects and programs
  • Ability to see the big pictures with high attention to critical details
  • Develop and implement strategy and process improvement initiatives
  • Comprehensive knowledge of Citi’s businesses and functions and their risk profiles
  • Developing new ideas and improving current processes to proactively mitigate risks
  • Requires an ability to provide challenge and make recommendation for risk and controls remediation
  • Expert knowledge in the development and execution for controls
  • Proven experience in control related functions in the financial industry
Job Responsibility
Job Responsibility
  • Develop and maintain robust MIS reports and dashboards to monitor key risk indicators (KRIs) and control performance indicators (CPIs)
  • Provide insightful analysis of risk data to support strategic decision-making
  • Contribute to the development and implementation of AI governance frameworks, ensuring ethical use, transparency, fairness, and accountability of AI systems
  • Perform assurance activities over AI models and their associated data
  • Stay abreast of industry trends in risk management, MIS technologies, and artificial intelligence to continuously enhance risk and control capabilities
  • Support the safe growth and management of the Citi Markets business line and its associated higher risk segments through robust risk mitigation
  • Identify and assess risk, vulnerabilities, and opportunities for efficient and effective risk coverage
  • Work within team and across business/functional line management to assess complex issues, structure potential solutions, and drive effective resolution within permissible statutory and regulatory frameworks
  • Evaluate and respond to escalated matters and further escalate as required
  • Advise senior management on next steps as needed
What we offer
What we offer
  • Global benefits to support well-being, growth and work-life balance.
  • Fulltime
Read More
Arrow Right

Vulnerability Management Senior Cyber Security Analyst

Location (Primary) - Noida / Chennai (Secondary) GCF Level - 2A(01 nos) & 2B(01 ...
Location
Location
India , Noida
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must hands on experience with detection and monitoring tools (Microsoft Defender for Endpoint EDR/XDR, WIZ, NESSUS PRO, Dynatrace)
  • Experience information system management and mapping tools (CMDB, VISIT)
  • Good knowledge of software distribution tools (SCCM, Intune, Satellite, Ansible, etc.), and reporting and analysis tools (PowerBI)
  • Experience with ServiceNow (SNOW), specifically the SECOPS module
  • Strong understanding of - On-prem infrastructure, SaaS / IaaS / Cloud workloads, Application vulnerability context
  • Ability to enrich findings using CMDB / asset mapping tools
  • Working knowledge of - SCCM, Intune, Ansible, Satellite
  • Stakeholder & Coordination Skills
  • Documentation & Effective Communication - Clear communication (EN/FR preferred) with structured documentation mindset
  • Process & Continuous Improvement Mindset
Job Responsibility
Job Responsibility
  • Oversee the receipt, analysis, and tracking of vulnerabilities from various sources (CERT, scanning tools, division reports)
  • manage backlog processing, and create or update vulnerability tickets using multiple detection and asset management tools
  • Assess and identify impacted assets across various environments
  • Qualify vulnerabilities by evaluating exposure, versions, severity, attack vectors, and client context
  • Enhance asset information using CMDB, and promptly issue alerts for critical vulnerabilities
  • Develop, implement, and coordinate remediation plans by analyzing security advisories and scan reports
  • Defining tailored action strategies (including patches, workarounds, and updates)
  • Prioritizing tasks, tracking requests in ServiceNow
  • Sending criticality-based reminders, and supporting remediation teams
  • Monitor and validate patch application by ensuring timely verification
  • Fulltime
Read More
Arrow Right

InfoSec Risk Senior Analyst / Analyst

Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of experience for the Senior Analyst and 2 years of experience for the Analyst in the banking sector and information security field, including the following background: Risk assessment, identification and mitigation
  • Security controls, security baseline, technology best practices
  • Has an integration knowledge across different security technologies and systems
  • Security control enforcement, measure of effectiveness and proposing compensating controls
  • CBE regulations
Job Responsibility
Job Responsibility
  • Review & maintain the Risk profile according to the bank's Cyber Security Risk appetite
  • Identify information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assess information security risks for IT assets and propose appropriate measures to eliminate/reduce risk
  • Coordinate with Information Security teams to manage the risk assessment activities
  • Engage InfoSec Teams in all new initiatives and projects to handle InfoSec risk assessment for new projects/technologies with concerned stakeholders
  • Follow up on Audit reports along with audit Findings/Recommendations by Internal Audit/External Audit, CBE and ensure remediation with the related parties
  • Ensure maintaining Global InfoSec Risk Register for all assessed IT assets & follow up on open risks until closure
  • Review the cases performed by the InfoSec Governance & Compliance Teams from risk perspective side
  • Participate in the Change Advisory Board (CAB) meeting
  • Work on standard and ad-hoc threats providing InfoSec risk assessment as needed
Read More
Arrow Right