Cybersecurity Analyst III

Location:
5501 Headquarters Dr, Plano, Texas, 75024, United States of America

Cybersecurity Analyst III

Vulnerability Management Specialist

Information Security | Cybersecurity Operations

On-Site, Full-Time

About the Role

This position is the senior technical owner of our enterprise vulnerability management program. The ideal candidate combines deep technical expertise with the communication skills and organizational influence needed to drive risk reduction outcomes across the business. Incident response support is a secondary but meaningful responsibility.

Job Purpose

The Cybersecurity Analyst III — Vulnerability Management Specialist leads our enterprise vulnerability management program across cloud, endpoint, network, and identity environments. This role is responsible for the full vulnerability lifecycle: continuous discovery and scanning, risk-based prioritization, coordinated remediation, validation, and executive reporting.

This is a program leadership role, not simply an analyst seat. The right candidate drives measurable risk reduction by building strong cross-functional relationships, maintaining clear remediation SLAs, and ensuring the organization consistently moves from vulnerability identification to resolution. In addition to owning the VM program, this analyst supports cybersecurity incident response efforts, contributing environmental knowledge and analytical depth when incidents arise.

Key Responsibilities


Vulnerability Management Program Leadership (Primary Focus — ~70–80%)

  • Lead the enterprise vulnerability management lifecycle: asset discovery, continuous scanning, risk-based prioritization, remediation coordination, validation, and reporting.
  • Define and maintain SLA/remediation timelines by risk tier and manage escalation paths for items approaching or exceeding thresholds.
  • Partner with infrastructure, cloud, engineering, application, and endpoint teams to ensure vulnerability findings are clearly communicated, ownership is assigned, and remediation is completed on schedule.
  • Translate vulnerability data into business context: deliver clear reporting for technical teams and concise risk summaries for executive audiences that reflect progress, trends, and areas of focus.
  • Prioritize vulnerabilities using risk-based methodologies that incorporate CVSS scores, EPSS, CISA KEV, asset criticality, business impact, and active threat intelligence — not severity scores in isolation.
  • Maintain a formal risk acceptance and exception process, including documentation of business justification, compensating controls, and expiration timelines.
  • Integrate vulnerability findings into ticketing and ITSM workflows (e.g., ServiceNow, Jira) to ensure every finding has an assigned owner, a due date, and a tracked resolution path.
  • Develop and maintain program KPIs: vulnerability fix rate, mean time to remediate (MTTR), scan coverage, exception aging, and sustained reduction in critical/high exposure.
  • Facilitate regular stakeholder reviews with technology teams to assess remediation progress, surface blockers, and maintain shared accountability for risk outcomes.
  • Continuously refine scanning coverage, tool configurations, and program policies in response to environmental changes and evolving threats.
  • Monitor threat intelligence feeds, vulnerability disclosures, and CISA KEV to identify newly weaponized vulnerabilities that warrant accelerated remediation cycles.
  • Coordinate formal risk acceptance decisions with leadership for findings that cannot be addressed within standard timelines; maintain auditable records of approvals.

Incident Response Support (Secondary Focus — ~20–30%)

  • Support cybersecurity incident response activities including triage, containment, eradication, recovery, and post-incident review.
  • Apply vulnerability landscape knowledge and asset inventory familiarity to provide rapid environmental context during active investigations.
  • Participate in incident post-mortems and incorporate findings into vulnerability management program improvements.
  • Contribute to security documentation including runbooks, playbooks, and vulnerability management procedures.

Cross-Functional Collaboration & Communication

  • Serve as the primary security point of contact for technology teams on vulnerability obligations, remediation expectations, and risk escalation.
  • Advise technology partners on patch management strategies, configuration hardening, and compensating controls.
  • Support internal audit and compliance engagements by demonstrating control effectiveness against SOX, PCI-DSS, and other applicable frameworks.
  • Promote security awareness among technology partners by providing clear context on why remediation requirements exist and how they protect the organization.

Who Thrives Here

This role is best suited for a security professional who takes ownership seriously — someone who is as focused on getting vulnerabilities fixed as they are on finding them. If you are energized by building relationships, navigating organizational dynamics, and tracking risk metrics over time, you will find this role deeply rewarding.

Required Qualifications

Vulnerability Management Expertise

  • 5+ years of experience in cybersecurity operations, with at least 3 years in a role pfocused on enterprise vulnerability management.
  • Hands-on experience with enterprise vulnerability scanning platforms such as Tenable (Nessus / Tenable.io / Tenable.sc), Qualys, or Rapid7 InsightVM.
  • Demonstrated experience owning a vulnerability management program end to end, including SLA development, remediation coordination, and stakeholder accountability.
  • Experience integrating vulnerability findings with ITSM or ticketing platforms (ServiceNow, Jira, or equivalent) to operationalize remediation workflows.
  • Strong command of risk-based vulnerability prioritization frameworks: CVSS, EPSS, CISA KEV, asset criticality, and business impact analysis.
  • Experience developing vulnerability metrics, executive dashboards, and program performance reporting.
  • Familiarity with vulnerability lifecycle management practices: risk acceptance, exception handling, compensating controls, and SLA governance.

Stakeholder Engagement & Cross-Functional Influence

  • Proven ability to drive remediation outcomes through technology teams (infrastructure, cloud, engineering, application) using influence, communication, and structured accountability — without direct management authority.
  • Strong written and verbal communication skills with the ability to tailor messaging for technical and non-technical audiences alike.
  • Experience facilitating recurring stakeholder forums such as remediation review meetings, and maintaining follow-through on commitments via escalation when needed.
  • Demonstrated ability to build credibility and collaborative relationships across peer teams.

Technical Depth

  • Solid understanding of cloud security in AWS and/or Azure environments, including cloud-native security tooling and logging architectures.
  • Familiarity with endpoint protection, network monitoring, intrusion detection, and IAM platforms.
  • Working knowledge of core network protocols (TCP/IP, DNS, HTTP/S, SMTP, etc.).
  • Experience with SIEM platforms and security log analysis.
  • Familiarity with the MITRE ATT&CK framework and how adversary TTPs inform vulnerability prioritization.
  • Foundational knowledge of incident response concepts and practices sufficient to contribute meaningfully when called upon.

Preferred Qualifications

  • Relevant certifications: CISSP, GPEN, GWAPT, CompTIA Security+, Tenable Certified, Qualys Certified, or equivalent.
  • Familiarity with SOX and PCI-DSS compliance requirements as they relate to vulnerability and patch management.
  • Experience with exposure management methodologies such as Continuous Threat Exposure Management (CTEM) and attack surface management.
  • Familiarity with SOAR platforms or automation tools used to streamline vulnerability-to-ticket workflows.
  • Experience with Microsoft Defender suite, Rapid7, or comparable enterprise security platforms.
  • Exposure to penetration testing or adversary emulation methodologies to inform vulnerability prioritization.
  • Familiarity with AI-assisted attack techniques and their implications for vulnerability exploit timelines.

What Success Looks Like

  • All critical and high vulnerabilities tracked in integrated workflows with clear ownership and due dates
  • Consistent remediation within defined SLA timelines across technology teams
  • Measurable, sustained reduction in mean time to remediate (MTTR) for critical and high findings
  • Reliable executive reporting cadence with meaningful risk trend data
  • Comprehensive scan coverage across endpoint, cloud, network, and identity environments

Additional Information

  • This position requires on-site presence five days per week (Monday – Friday).

Sponsorship 

  • Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa at this time. 

Why Join Our Team

You will join a collaborative and growing Cybersecurity Operations team where your leadership of the vulnerability management program directly shapes the organization’s security posture. This is a high-visibility role with broad cross-functional reach, real ownership, and the opportunity to make a measurable difference. If you are looking for a position where your work has clear, demonstrable impact on risk reduction, we want to hear from you.