DANE, LLC
Vulnerability Management Analyst
Entry Level, Hybrid
Location
Chantilly, VA
Salary
$70k–$85k/yr
Experience
Not specified
Posted
1 day ago
Skills
Tenable/Nessus, Power BI, Excel, iPost, ServiceNow, CA ServiceDesk, Jira, SharePoint, CVE, CVSS, KEV, POA&M tracking, risk acceptance, vulnerability aging, patch compliance, CompTIA Security+, CySA+, CEH, federal cybersecurity programs, NIST SP 800-53, RMF, ATO, CISA BOD 22-01, FedRAMP vulnerability requirements, DevSecOps, SAST, DAST, SCA, container image scanning, secrets scanning, Software Bill of Materials (SBOM), Windows Server patching, Windows workstations patching, .NET Framework patching, Java JRE patching, SQL Server patching, Splunk, SIEM platforms
Job Description
Summary: DANE, LLC is a company that values and supports its team with strong benefits and ongoing learning opportunities. They are seeking a Vulnerability Management Analyst to support vulnerability tracking, remediation coordination, and security metrics reporting in a federal technology environment.
Responsibilities:
- Run authorized Tenable/Nessus scans using credentialed scan profiles and review exports to identify CVEs, plugin findings, KEV status, EOL/EOS software risks, and affected assets
- Validate findings as true or false positives, track vulnerability age using first-seen/last-seen dates, and escalate unresolved findings to senior security staff or system owners
- Support the full vulnerability lifecycle from intake and triage through ownership assignment, remediation tracking, retest/rescan validation, and closure evidence collection
- Monitor KEV and Critical/High findings against federal remediation timelines (e.g., BOD 22-01) and flag aging, stale, or blocked findings for escalation
- Build and maintain Power BI dashboards and Excel reports covering vulnerability posture, patch compliance, KEV status, finding aging, and ownership tracking using Power Query, slicers, and basic DAX measures
- Produce recurring deliverables, including Critical/High aging reports, Tenable/iPost reconciliation summaries, EOL/EOS tracking, and executive snapshots; document KPI definitions and data sources
- Reconcile vulnerability data across Tenable/Nessus, iPost, ServiceNow/CA ServiceDesk, Jira, SharePoint, POA&M trackers, and Excel exports to identify mismatches and coverage gaps
- Coordinate with security, development, infrastructure, database, and cloud teams and ISSO stakeholders to drive remediation through closure
Required Qualifications:
- Minimum of a Bachelor's degree in computer science or equivalent
- Minimum 1 year of relevant experience
- Must hold an Active DoD Secret Clearance or higher
- 1–3 years of experience in cybersecurity operations, vulnerability management, SOC, cyber GRC, IT operations, or application security support; working knowledge of CVE, CVSS, KEV, false positives, POA&M tracking, risk acceptance, and vulnerability aging
- Hands-on Tenable/Nessus experience: executing credentialed scans, analyzing plugin output and CVE findings, validating true/false positives, and building dashboards, saved filters, and exports for KEV, Critical/High, EOL/EOS, and aging tracking
- Intermediate Power BI (Power Query, data modeling, DAX, slicers) and strong Excel skills (pivot tables, VLOOKUP/XLOOKUP, conditional formatting, deduplication) for vulnerability reporting and KPI tracking
- Experience with iPost, ServiceNow, CA ServiceDesk, Jira, or SharePoint for remediation tracking; ability to reconcile data across multiple tools, identify mismatches, and maintain accurate ownership and evidence records
- Familiarity with EOL/EOS software tracking, patch compliance, remediation exceptions, risk acceptance documentation, and closure evidence collection
- Strong attention to detail, comfort working with large and messy datasets, and clear communication skills for translating technical findings into plain-language updates for leadership and non-technical stakeholders
Preferred Qualifications:
- Experience supporting federal cybersecurity programs or regulated environments; familiarity with NIST SP 800-53, RMF, A&A, ATO, POA&M lifecycle management, CISA BOD 22-01, and FedRAMP vulnerability requirements
- Exposure to DevSecOps and application security tooling: SAST, DAST, SCA, container image scanning, secrets scanning, or Software Bill of Materials (SBOM) analysis
- Basic understanding of enterprise patching for Windows Server, Windows workstations, .NET Framework, Java JRE, SQL Server, and endpoint agents; familiarity with Splunk or other SIEM platforms
- Experience developing SOPs, RACI matrices, or workflow documentation in a security or IT operations context
- Relevant certifications such as CompTIA Security+, CySA+, CEH, or equivalent entry-to-mid-level cybersecurity credentials
Required Skills: Tenable/Nessus, Power BI, Excel, iPost, ServiceNow, CA ServiceDesk, Jira, SharePoint, CVE, CVSS, KEV, POA&M tracking, Risk acceptance, Vulnerability aging, Patch compliance, CompTIA Security+, CySA+, CEH, Federal cybersecurity programs, NIST SP 800-53, RMF, ATO, CISA BOD 22-01, FedRAMP vulnerability requirements, DevSecOps, SAST, DAST, SCA, Container image scanning, Secrets scanning, Software Bill of Materials (SBOM), Windows Server patching, Windows workstations patching, .NET Framework patching, Java JRE patching, SQL Server patching, Splunk, SIEM platforms
Benefits: Life/STD/LTD, FSA/DCA, 401(k), Employee discounts, Paid time off, 401(k) matching, Dental insurance, Health insurance, Tuition assistance, Vision insurance