Vulnerability Analyst

Arrowstreet CapitalBoston, MA
2d$80,000 - $135,000
Match Resume

About The Position

We are seeking a Vulnerability Analyst to support and operate our enterprise vulnerability management program as part of the Cybersecurity team. This role responsible for technical vulnerability analysis, risk-based prioritization, and remediation alignment using enterprise vulnerability platform and supporting tools.

Requirements

  • 3–5 years of hands-on cybersecurity experience, preferably in vulnerability management or security engineering.
  • Experience operating vulnerability scanning platforms such as TenableOne Nessus, Rapid7 InsightVM, OpenVAS and/or Qualys VMDR.
  • Strong working knowledge of Vulnerabilities, exploits, and common attack vectors, CVSS scoring and risk-based prioritization, Linux operating systems and command-line tools as well as MITRE ATT&CK framework or similar attack frameworks.
  • Ability to translate technical vulnerability data into actionable remediation guidance.
  • Ability to define, measure, and report on key risk indicators (KRIs) and key performance indicators (KPIs).

Nice To Haves

  • Exposure to red team, purple team, or offensive security activities.
  • Experience mapping vulnerabilities to attacker techniques or simulating adversary behaviour.
  • Familiarity with threat intelligence or exploit research.
  • AWS/Azure cloud or hybrid environment exposure.
  • Scripting or automation experience (Python, Bash) is a plus.
  • Understanding of FAIR framework or similar methodologies is a plus.
  • Experience with CSPM or similar technologies is a plus.

Responsibilities

  • Operate and manage our enterprise vulnerability management platform, including vulnerability discovery, analysis, and lifecycle management.
  • Triage and prioritize vulnerabilities using CVSS scoring frameworks in conjunction with internal risk methodologies, threat context, and asset criticality.
  • Analyze vulnerabilities in the context of known exploits, bugs, and active threat activity.
  • Apply attack frameworks (e.g., MITRE ATT&CK) to evaluate potential attacker techniques, attack paths, and exposure impact.
  • Define and maintain technical reporting criteria that align vulnerabilities with appropriate remediation teams and the target operating model.
  • Partner with infrastructure, application, and platform teams to drive remediation outcomes.
  • Validate findings and investigate false positives through system, service, and configuration review.
  • Operate comfortably in Linux-based environments, including command-line troubleshooting and service inspection.
  • Troubleshoot, optimize, and implement technical configurations and plugin modifications to enhance scanning processes and improve outcomes.
  • Participate in the Cybersecurity team’s on-call and escalation rotation.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

1-10 employees

Job Search Resources

Similar Vulnerability Analyst job opportunities

Vulnerability Assessment Analyst
Halvik
Halvik • Vienna, VA10d
Vulnerability Assessment Analyst
Halvik
Halvik • Arlington, VA8d • Onsite
Lead Vulnerability Assessment Analyst
INFINITY SYSTEMS ENGINEERING LLC
INFINITY SYSTEMS ENGINEERING LLC • Albuquerque, NM12d
Senior Vulnerability Management Analyst
SailPoint
SailPoint • Austin, TX7d • Remote
Analyst Sr., Vulnerability Reporting
Carnival Corporation
Carnival Corporation • Doral, FL5d • Hybrid
Analyst Sr., Vulnerability Reporting
Carnival Corporation
Carnival Corporation • Miami, FL4d • Hybrid
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service