Analyst, Vulnerability Management Automation

The Analyst, Vulnerability Management Automation will lead and mature our enterprise vulnerability management program. This role will focus on proactive vulnerability communication, scalable automation, asset ownership integration, and vulnerability analysis. You will work cross-functionally with security, IT, engineering, and business stakeholders to reduce risk through strategic vulnerability lifecycle management.

Primary Accountabilities:
Technical (20%)

• Design, implement, and manage automated workflows for vulnerability scanning, alerting, prioritization, and remediation tracking.
• Integrate vulnerability data into asset management, ticketing, and security orchestration tools.
• Identify opportunities to reduce manual work and improve efficiency through scripting and automation.

Intelligence & Analysis (30%)

• Perform in-depth vulnerability analysis, including CVE triage, contextual risk assessment, and false-positive validation.
• Correlate threat intelligence, exploitability, and business context to prioritize vulnerabilities for remediation.
• Collaborate with penetration testers and security researchers to contextualize and escalate critical issues.

Cross-Functional Coordination & Communication (25%)

• Serve as the central point of contact for vulnerability-related issues across the organization.
• Communicate vulnerability impact, exposure, and remediation status to both technical and non-technical audiences.
• Develop and maintain dashboards, reports, and metrics tailored to various stakeholders (e.g., engineering, executives, compliance).
• Lead complex vulnerability triage and identification efforts to evaluate risks to the company.
• Drive vulnerability remediation efforts through structured SLAs and escalation paths.

Governance, Ownership, & Lifecycle Management (25%)

• Partner with IT, engineering, and business units to establish clear asset ownership and accountability.
• Ensure complete and accurate mapping of vulnerabilities to assets and owners in CMDB or asset inventory systems.
• Support lifecycle processes for introducing, maintaining, and retiring assets with secure configuration baselines.

Qualifications:
Required

• 5+ years of experience in cybersecurity, with 2+ years in vulnerability management or related roles.
• Bachelor’s degree in Cyber Security, Computer Science, IT or other related field required.
• Direct experience with vulnerability correlation and automation tools like Vulcan, Nucleus, etc.
• Strong understanding of CVEs, CVSS scoring, MITRE ATT&CK, and exploitability metrics.
• Hands-on experience with vulnerability management platforms (e.g., Tenable, Qualys, Rapid7, etc.).
• Familiarity with scripting and automation tools (e.g., Python, PowerShell, Ansible).
• Effective communication skills and experience working with cross-functional teams.
• Working knowledge of asset management systems and integration with vulnerability tools.

Preferred

• Experience with security orchestration and automation (SOAR) tools.
• Familiarity with ticketing systems (e.g., Jira, ServiceNow) and SIEM solutions.
• Relevant certifications (e.g., CISSP, OSCP, GCFA, or similar).

Individual Competencies:

• Integrity: Gains the trust of others through a strong commitment to security, compliance, taking responsibility for your own actions and telling the truth.
• Teamwork: Builds relationships and works cooperatively with others, inside and outside the organization, to accomplish objectives to build and maintain mutually-beneficial partnerships, leverage information and achieve results.
• Adaptable: Responds to change with a willingness to learn new ways to accomplish work objectives with a positive attitude.
• Innovative: Ability to develop, sponsor, or support the introduction of new and improved methods, products, procedures or technologies.
• Curious: A desire to inquire and learn, to seek new knowledge and wisdom, and to listen to the contributions of others with a genuine interest to better self, the team, and the organization.
• Analytical and Critical Thinking: Ability to tackle a problem by using a logical, systematic, sequential approach.
• Problem Solving: Gathers and analyzes information to generate and evaluate potential solutions to problems, issues and challenges while weighing the accuracy and relevance of the facts, data and information.

Why Join Us?

• Be part of a cybersecurity-forward organization where security is a business priority.
• Help shape a modern, scalable vulnerability management program from the ground up.
• Work with cutting-edge tools and influence automation, ownership, and risk reduction strategies.

At Inmar, we put people first and that means empowering our associates to thrive at every stage of life and career. Our comprehensive and competitive benefits package is thoughtfully designed to support a wide range of lifestyles and life stages.

Eligible associates have access to:

• Medical, Dental, and Vision insurance

• Basic and Supplemental Life Insurance options

• 401(k) retirement plans with company match

• Health Spending Accounts (HSA/FSA)

We also offer:

• Flexible time off and 11 paid holidays

• Family-building benefits, including Maternity, Adoption, and Parental Leave

• Tuition Reimbursement and certification support, reflecting our commitment to lifelong learning

• Wellness and Mental Health counseling services

• Concierge and work/life support resources

• Adoption Assistance Reimbursement

• Perks and discount programs

Please note that eligibility for some benefits may depend on your job classification and length of employment. Benefits are subject to change and may be governed by specific plan or program terms.

We are an Equal Opportunity Employer, including disability/vets.

This position is not eligible for student visa sponsorship, including F-1 OPT or CPT. Candidates must have authorization to work in the U.S. without the need for employer sponsorship now or in the future.