Vulnerability Management Analyst
Washington, D.C., US
Full Time, Entry-level / Junior, Clearance required, USD 110K - 120K
Claroty
Claroty secures the Extended Internet of Things (XIoT) to achieve unmatched visibility, protection, and threat detection across all cyber-physical systems – OT, IoT, BMS, IoMT and more – in your environment.
Description
We are seeking a detail-oriented and analytical Vulnerability Management Analyst to join our cybersecurity team. This role is critical in identifying, assessing, prioritizing, and remediating vulnerabilities across our enterprise IT infrastructure. The ideal candidate will have a solid understanding of vulnerability assessment tools, cybersecurity frameworks, and threat landscapes, and will collaborate with IT and business units to ensure timely mitigation of risks.
We’re growing and looking to hire an individual who embodies our core values: People First, Customer Obsession, Strive for Excellence, and Integrity.
About Claroty:
Claroty has redefined cyber-physical systems (CPS) protection with an unrivaled industry-centric platform built to secure mission-critical infrastructure. The Claroty Platform provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection – whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award-winning threat research and a breadth of technology alliances, The Claroty Platform enables organizations to effectively reduce CPS risk, with the fastest time-to-value and lower total cost of ownership. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents.
A Great Place to Work® certified company, Claroty is headquartered in New York City with employees across the Americas, Europe, Asia-Pacific, and Tel Aviv. The company is widely recognized as the industry leader in CPS protection, with backing from the world’s largest investment firms and industrial automation vendors, recognized by KLAS Research as Best in KLAS for Healthcare IoT Security five years in a row, and ranking on the Forbes Cloud 100 and Deloitte Technology Fast 500 multiple consecutive years.
Responsibilities
- Perform regular vulnerability assessments across on-premises and cloud environments using tools such as Tenable, Qualys, Snyk, BurpSuite, and/or Wiz.
- Analyze scan results, validate findings, and coordinate with system owners for remediation planning and verification.
- Develop and maintain a risk-based vulnerability prioritization model that incorporates CVSS, threat intelligence, exploitability, and business impact.
- Track and report on vulnerability remediation progress; generate dashboards and KPIs for leadership.
- Maintain an up-to-date inventory of IT assets to ensure comprehensive scan coverage.
- Support patch management efforts by identifying missing or outdated patches and coordinating deployment schedules.
- Assist in evaluating and onboarding new vulnerability management tools and technologies.
- Contribute to continuous improvement of vulnerability management processes, playbooks, and SLAs.
- Stay informed about emerging threats, vulnerabilities, and zero-days to support proactive defense strategies.
- Support internal and external audits by providing evidence of vulnerability management controls and remediation.
Requirements
Required Qualifications:
- U.S. Citizenship (required for working in GovCloud environments)
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field, or equivalent experience.
- 2–5 years of experience in vulnerability management, IT security operations, or related cybersecurity roles.
- Hands-on experience with one or more enterprise vulnerability scanning tools (e.g., Tenable, Qualys, Snyk, BurpSuite, and/or Wiz).
- Familiarity with operating systems (Windows, Linux/Unix), networking, and cloud platforms (AWS, Azure, GCP).
- Understanding of CVSS, NVD, MITRE ATT&CK, and other threat/vulnerability classification frameworks.
- Basic scripting knowledge (e.g., PowerShell, Python, Bash) is a plus.
- Experience with ticketing systems and security information and event management (SIEM) platforms preferred.
- Eligibility to obtain a security clearance is required.
Preferred Certifications:
- CompTIA Security+
- GIAC Certified Vulnerability Assessor (GVCA)
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- Other relevant security or cloud certifications
Soft Skills:
- Strong analytical and problem-solving skills.
- Effective written and verbal communication abilities.
- Ability to collaborate across teams and explain technical issues to non-technical stakeholders.
- Self-motivated with the ability to manage multiple priorities.
Why Claroty? Our Culture and Benefits:
- As a Great Place to Work® certified company, we take pride in the culture we’ve built together—one rooted in camaraderie, credibility, fairness, and respect.
- Claroty is a people first company. With strong bonds amongst the team, we believe in prioritizing personal care and support over work, confident that results follow from a harmonious environment. We celebrate professional and personal successes, committed to fostering a diverse and inclusive space.
- Stability: we have demonstrated continued growth over the past few years and raised over $700M from top-tier investors. We have top-tier board members, and our products are sold worldwide, with over 1000 customers.
- We understand the importance of maintaining a healthy work-life balance, and encourage people to take the time they need to rest and prioritize their mental and physical health. We also provide a biannual “ClaroBreak”, a company-wide long weekend shutdown so we can all rest, recharge and spend time with our loved ones.
- We care about your development. At Claroty, we prioritize excellence and uphold high professional and ethical standards. We encourage career growth and exploration within the company, facilitated by biannual performance reviews, feedback sessions, and individual development planning, complemented by professional courses.
- We believe in transparency and openness. That’s why we regularly hold company all-hands, town hall meetings, and “Coffee with the CEO” sessions. We also conduct round table sessions and employee satisfaction surveys, to keep a pulse on what matters most to our team members and make our culture the best it can be.
- While we have physical offices in New York, Tel Aviv, London and Singapore, we also embrace a hybrid working culture. This flexibility allows us to tap into a diverse talent pool and enables our team members to work in a way that suits their individual preferences and circumstances.
Claroty is an equal-opportunity employer committed to fostering a diverse and inclusive work environment for all. We encourage applications from candidates of ALL diverse backgrounds, and special accommodations are available upon request in all selection phases.
Expected compensation for the role is between $110,000 and $120,000. This is a good-faith estimate but does not include equity. Pay will be based on experience level, but those outside of the salary band are welcome to apply.
While we believe competitive compensation is a critical aspect of your decision to join us, we do hope you also spend time considering why our mission and culture are right for you. We are creating something amazing here, and we hope you are as excited about the future as we are.
Tags: Audits Automation AWS Azure Bash Burp Suite CEH Clearance Cloud CompTIA CVSS GCP GIAC Industrial IoT IT infrastructure KPIs Linux MITRE ATT&CK Offensive security OSCP PowerShell Python Qualys Scripting Security Clearance SIEM SLAs Threat detection Threat intelligence Threat Research UNIX Vulnerabilities Vulnerability management Windows
Perks/benefits: Career development Competitive pay Equity / stock options Health care Startup environment