Cybersecurity Analyst – Vulnerability Management (Qualys VMDR / Splunk / Data Analytics)

$60.00 - $70.00 per hour

Contract

Information Technology

New York, NY, 10020

Job ID: 

28653044

Cybersecurity Analyst – Vulnerability & Patch Management

Location: New York, NY (Hybrid)
 

We are seeking a Cybersecurity Analyst to support and enhance a mature Vulnerability & Patch Management program within a large, complex enterprise environment. This position is ideal for a security professional who enjoys working with large datasets, vulnerability analytics, risk-based remediation, and executive-level reporting.

In this role, you will drive the full vulnerability management lifecycle, partnering with infrastructure, application, and security teams to identify, prioritize, track, and remediate vulnerabilities across the organization. You will leverage data-driven insights to improve security posture, reduce risk, and support compliance initiatives.

Key Responsibilities

  • Manage the end-to-end vulnerability management lifecycle, including identification, analysis, prioritization, remediation tracking, and reporting.

  • Analyze large vulnerability datasets to identify trends, remediation opportunities, and areas of elevated risk.

  • Utilize Qualys VMDR to monitor, assess, and track vulnerabilities across enterprise environments.

  • Develop dashboards, reports, KPIs, and KRIs for leadership and operational teams.

  • Partner with infrastructure, application, and security teams to drive timely remediation efforts.

  • Monitor patch compliance, manage remediation SLAs, and escalate aging vulnerabilities as needed.

  • Perform advanced analysis using Excel, Power Query, Pivot Tables, and reporting tools.

  • Leverage Splunk and query languages to analyze security data and support vulnerability investigations.

  • Develop and maintain scripts and automation using Groovy and other scripting technologies.

  • Support audit, compliance, and regulatory requirements aligned with frameworks such as NIST and FFIEC.

  • Collaborate with global technology and security teams to improve vulnerability management processes and controls.

  • Assist with cybersecurity projects, audit remediation activities, and security initiatives as required.

Required Qualifications

  • 3+ years of experience in Vulnerability Management, Patch Management, Cybersecurity Operations, or a related security discipline.

  • Hands-on experience with Qualys VMDR.

  • Experience working with large security or vulnerability datasets.

  • Advanced Microsoft Excel skills, including Pivot Tables, Power Query, VLOOKUP/XLOOKUP, and reporting.

  • Experience with Splunk and SPL (Search Processing Language) or similar query languages.

  • Experience developing or maintaining Groovy scripts.

  • Strong understanding of vulnerability remediation workflows, risk prioritization, and patch management processes.

  • Experience creating executive reporting, KPIs, and security metrics.

  • Knowledge of security frameworks and standards such as NIST, FFIEC, or similar.

  • Excellent communication and stakeholder management skills.

Preferred Qualifications

  • Experience with SIEM platforms and security analytics.

  • Knowledge of POAM management and remediation tracking.

  • Power BI reporting experience.

  • Financial Services or other highly regulated industry experience.

  • Security certifications such as CISSP, CISM, CRISC, Security+, or equivalent.

What We're Looking For

The ideal candidate combines strong cybersecurity fundamentals with exceptional data analysis skills. This person should be comfortable working with millions of vulnerability records, identifying meaningful trends, developing actionable reporting, and partnering with technical teams to drive remediation efforts across a large enterprise environment.

Key Skills & Technologies

  • Vulnerability Management
  • Patch Management
  • Vulnerability Remediation
  • Risk-Based Vulnerability Management (RBVM)
  • Qualys VMDR
  • Qualys
  • Vulnerability Assessment
  • Vulnerability Scanning
  • CVE Analysis
  • CVSS Scoring
  • Threat & Vulnerability Management
  • Security Analytics
  • Cybersecurity Operations
  • Security Operations
  • SIEM
  • Splunk
  • SPL (Search Processing Language)
  • Log Analysis
  • Security Reporting
  • KPI Development
  • KRI Development
  • Power BI
  • Advanced Excel
  • Pivot Tables
  • Power Query
  • VLOOKUP / XLOOKUP
  • Large Dataset Analysis
  • Data Analytics
  • Data Visualization
  • Groovy Scripting
  • Process Automation
  • Remediation Tracking
  • SLA Management
  • POAM Management
  • Risk Assessment
  • Security Controls
  • Audit Support
  • NIST
  • FFIEC
  • Regulatory Compliance
  • Information Security
  • Cyber Risk Management
  • ServiceNow
  • Endpoint Security
  • Infrastructure Security
  • Enterprise Security

PRO038
#LI-DH2

Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.

Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Share this job

SCHEMA MARKUP ( This text will only show on the editor. )

Requirements to Apply

This job is no longer available