Job Description
Role Summary
Responsible for analyzing vulnerability data, communicating risk to stakeholders, tracking remediation progress, and supporting system/application owners with actionable remediation guidance.
Core Responsibilities
• Vulnerability Analysis & Prioritization
o Run vulnerability scan results across infrastructure, applications, cloud, and specialized environments
o Assess risk using CVSS, exploitability, threat intelligence, asset criticality, and business context
o Differentiate false positives, inherited risk, compensating controls, and environmental constraints
o Analyze vulnerability scan results and identify high-risk findings based on severity, exploitability, and business impact
o Support risk-based prioritization to ensure focus on the most critical exposures
• Stakeholder Communication
o Clearly communicate vulnerability risk to technical and non-technical stakeholders
o Distribute vulnerability reports and ensure appropriate teams and leadership are informed
o Escalate critical or time-sensitive vulnerabilities as needed
• Remediation Tracking & Coordination
o Track vulnerability remediation across systems and teams, ensuring alignment with defined SLAs
o Monitor remediation progress and follow up with owners to drive closure
o Maintain tracking artifacts (dashboards, reports, tickets) to demonstrate progress and accountability
• Remediation Guidance & Support
o Provide clear, actionable remediation recommendations (patching, configuration changes, compensating controls)
o Assist teams when remediation is blocked or requires alternative mitigation approaches
• Reporting, Metrics & Program Maturation
o Produce regular reporting on vulnerability posture, remediation status, and SLA performance
o Support development of metrics that measure program effectiveness and risk reduction
o Develop meaningful metrics that demonstrate risk reduction, not just activity (e.g., aging, exposure windows, critical asset coverage)
o Support continuous improvement of vulnerability management processes, tooling, and workflows
• Cross-Team Collaboration
o Coordinate with infrastructure, application, and security teams to ensure vulnerabilities are addressed efficiently
o Facilitate communication across teams to remove blockers and improve remediation timelines
Pay Rate: $4.00-$8.00 depending on skills and experience level.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• Vulnerability Management Fundamentals
o Understanding of key concepts:
CVSS scoring / severity ratings
Vulnerability lifecycle (discovery → prioritization → remediation → validation)
Risk-based prioritization
Patch management and remediation strategies
• Technical Awareness (Foundational)
o Basic understanding of:
Operating systems (Windows/Linux)
Network and application vulnerabilities
Common remediation techniques (patching, configuration hardening, compensating controls)
• Data Analysis & Tracking
o Ability to work with vulnerability data sets, reports, and dashboards
o Experience tracking remediation using ticketing systems (e.g., Jira, ServiceNow)
o Ability to improve workflows via scripting or automation (e.g., Python, PowerShell, APIs) is a strong plus
• Communication Skills
o Ability to translate technical vulnerabilities into business risk
o Strong written communication for reporting, notifications, and escalation
Nice to Have Skills & Experience
• Experience with vulnerability scanning tools (e.g., Tenable, Snyk, Qualys, Cortex, Wiz)
• Familiarity with cloud environments (GCP/AWS/Azure)
• Exposure to compliance frameworks (PCI, NIST, CIS)
• Experience participating in a structured vulnerability management program
• Experience integrating vulnerability data via APIs, automation pipelines, or custom reporting
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.