Vulnerability Assessment Analyst
About The Position
Halvik Corp delivers a wide range of services to 13 executive agencies and 15 independent agencies. Halvik is a highly successful WOB business with more than 50 prime contracts and 500+ professionals delivering Digital Services, Advanced Analytics, Artificial Intelligence/Machine Learning, Cyber Security and Cutting-Edge Technology across the US Government. Be a part of something special! We're seeking a Vulnerability Assessment Analyst to help identify, triage, and drive remediation of security vulnerabilities across infrastructure, endpoints, cloud, and applications. The ideal candidate brings strong vulnerability management fundamentals and a preferred skillset in ServiceNow and ServiceNow Vulnerability Response (VR) to operationalize intake, prioritization, exception handling, and reporting.
Requirements
- 2+ years in vulnerability management, security operations, or related cyber role.
- Hands-on experience with vulnerability concepts and standards (e.g., CVSS, remediation validation, patch management coordination).
- Experience using common scanners and sources (e.g., Tenable, Crowdstrike Spotlight, container/cloud findings, SAST/DAST output).
- Strong analytical skills: ability to interpret technical findings and translate them into clear remediation actions.
- Excellent communication and stakeholder management across IT and security teams.
Nice To Haves
- Experience administering or power-using ServiceNow Vulnerability Response (VR) (creating vulnerability groups, assignment rules, SLAs, exceptions).
- Working knowledge of ServiceNow CMDB concepts (CI relationships, ownership, criticality) and how they affect prioritization.
- Experience integrating VR with scanners (e.g., Tenable/Qualys/Rapid7) and improving data quality and deduplication.
- Familiarity with ServiceNow reporting, Performance Analytics, or dashboarding for vulnerability KPIs.
Responsibilities
- Own day-to-day vulnerability intake, analysis, and triage from scanning and security tools; validate findings and reduce false positives.
- Perform risk-based prioritization (asset criticality, exploitability, exposure, compensating controls) and define remediation SLAs with stakeholders.
- Create and manage vulnerability remediation work in ServiceNow Vulnerability Response (VR) (e.g., groups, assignments, tasks, exceptions).
- Partner with infrastructure, cloud, and application teams to drive remediation to closure, including patching, configuration changes, or compensating controls.
- Support vulnerability operations such as retests/verification, aging management, backlog reduction, and remediation quality checks.
- Develop and maintain dashboards and metrics (open/overdue trends, MTTR, SLA compliance, recurrence) in ServiceNow and/or BI tools.
- Assist with policy and process (remediation SLAs, exception/risk acceptance workflow, evidence collection for audits).
- Contribute to continuous improvement: tuning scanner policies, workflow automation, CMDB alignment, and data quality controls.
Benefits
- Company-supported medical, dental, vision, life, STD, and LTD insurance
- Benefits include 11 federal holidays and PTO
- Eligible employees may receive performance-based incentives in recognition of individual and/or team achievements.
- 401(k) with company matching
- Flexible Spending Accounts for commuter, medical, and dependent care expenses
- Tuition Assistance
- Charitable Contribution matching
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
