Bachelor's degree in Cybersecurity, Information Technology, or related field
Experience in vulnerability management, cybersecurity operations, or risk/compliance support
Knowledge of NIST frameworks, RMF, and security compliance processes
Role-appropriate cybersecurity certifications (e.g., Security+, CEH, CySA+, or equivalent)
Requirements:
Perform vulnerability scanning, tracking, analysis, and reporting across enterprise systems
Analyze scan results and prioritize vulnerabilities based on risk, severity, and impact
Coordinate remediation activities with system owners and stakeholders
Conduct trend analysis and provide recommendations for risk reduction
Job description
cFocus Software seeks a Vulnerability Management Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote. This position requires the ability a Public Trust clearance. Qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
Experience in vulnerability management, cybersecurity operations, or risk/compliance support.
Experience working in enterprise environments of similar scale and complexity.
Knowledge of NIST frameworks, RMF, and security compliance processes.
Strong analytical and problem-solving skills
Experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7).
Familiarity with SIEM tools and security monitoring platforms.
Knowledge of cloud and hybrid environments.
Strong communication and reporting skills.
Required Certifications
Role-appropriate cybersecurity certifications (e.g., Security+, CEH, CySA+, or equivalent).
Additional certifications demonstrating competency in vulnerability management, risk, or operations are preferred.
Duties:
Perform vulnerability scanning, tracking, analysis, and reporting across enterprise systems.
Analyze scan results and prioritize vulnerabilities based on risk, severity, and impact.
Coordinate remediation activities with system owners and stakeholders.
Track and manage vulnerabilities through closure, including validation of remediation.
Conduct trend analysis and provide recommendations for risk reduction.
Support Risk Management Framework (RMF), POA&M tracking, and compliance reporting.
Assist in audits, artifact collection, and compliance documentation.
Support continuous monitoring and configuration compliance activities.
Participate in meetings and provide regular vulnerability status reports
