[Remote] IT Security Specialist III - Vulnerability Management Analyst

Note: The job is a remote job and is open to candidates in USA. Pyramid Consulting, Inc. is a leading Food and Beverage Manufacturing Industry seeking a talented IT Security Specialist III - Vulnerability Management Analyst. The role involves managing the full vulnerability lifecycle, collaborating with teams for remediation, and enhancing automation of processes.

Responsibilities

• Lifecycle Management: Full vulnerability lifecycle—discovery, triage, prioritization, coordination for remediation, and validation
• Scanning: Schedule and manage automated scans (90% automated), ensure proper configuration and permissions
• Collaboration: Work closely with infrastructure and application teams to assist with remediation and clarify requirements
• Automation: Enhance automation of processes beyond scanning (e.g., API integrations between platforms)
• Platform Administration: Maintain and administer vulnerability management platforms, ensuring reports are accurate and distributed
• Reporting: Send weekly/monthly vulnerability reports and participate in stakeholder calls to explain findings
• Communication: Translate technical risk into understandable terms for non-technical audiences
• Manage the life cycle of vulnerabilities from discovery, triage, prioritizing, advising, remediation, and validation
• Improve and automate the existing vulnerability management lifecycle. Maintain and administer vulnerability management platforms
• Work with the business teams to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks
• Perform recurring and on-demand scanning activities of both corporate and cloud environments utilizing the enterprise platform
• Provide support and resolution for scanning and vulnerability remediation reporting issues. Send out weekly and monthly vulnerability reports to the various teams
• Ability to assess newly identified vulnerabilities, determine exposure, investigate solutions, and recommend controls to minimize risks that could arise
• Ability to create effective reports and presentations tailored to different audiences to ensure transparency and understanding of the program
• Ability to troubleshoot issues with credentialed network scans and vulnerability assessment issues with system administrators
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data
• Ability to effectively communicate risk, including corrective action plans/recommendations to non-technical audiences
• Ability to build operational processes using industry best practices that are tailored to organization, system, and processes
• Top priorities: Infrastructure Vulnerability Management, Web App Scanning, then Cloud Security Posture and External Attack Surface Management
• Automation is critical—the candidate should be able to script and integrate tools, but not for remediation tasks (focus is on process automation)
• Effective communication and the ability to handle large data sets are essential

Skills

• Must have experience in Infrastructure Vulnerability Management; Web Application Scanning (WAS), Cloud Security Posture Management (CSPM), External Attack Surface Management (EASM), Scans Automation
• Minimum 3 to 7 years of relevant experience
• Strong knowledge of cyber threats and vulnerabilities
• Experience in automation (Python, PowerShell, Power Automate, etc. | Ability to work with APIs for process automation)
• Must have experience with the following platforms – Infrastructure Vulnerability Management (VM), Web Application Scanning (WAS)
• Skill in conducting vulnerability scans and recognizing vulnerabilities/misconfigurations in security systems and web applications
• Skill in conducting application vulnerability assessments
• Analyze large datasets to identify trends, prioritize impactful vulnerabilities, and reduce noise often associated with vulnerability tools
• Stays up to date with current vulnerabilities and vulnerabilities related news in various industries
• Demonstrated strong knowledge of networks, desktops, servers, cloud, and software as a service technology
• Cloud Knowledge: Any major cloud provider (AWS, Azure, etc.) acceptable; focus is on posture/configuration management
• Effective communication and the ability to handle large data sets are essential
• Must be able to work 9am – 5pm EST. Occasionally might need for all hands-on deck for OT
• Preferred Tools: Tenable, Qualys, Rapid7, CrowdStrike (vendor-specific experience not required)
• Unified Vulnerability Management (UVM): Nice-to-have, not mandatory. No preference for specific platforms
• Industry Experience: Helpful if the candidate understands manufacturing/Client environments but not required
• Experience Level: Targeting Level III (3–7 years), no upper limit; certifications helpful but not mandatory
• A bachelor's degree is preferred, but not a hard requirement

Benefits

• Health insurance (medical, dental, vision)
• 401(k) plan
• Paid sick leave (depending on work location)

Company Overview

• Pyramid Consulting, a global leader in workforce and technology solutions, empowers individuals and organizations to transform and thrive in the most challenging and competitive markets. It was founded in 1996, and is headquartered in Alpharetta, Georgia, USA, with a workforce of 5001-10000 employees. Its website is https://pyramidci.com/.

Company H1B Sponsorship

• Pyramid Consulting, Inc has a track record of offering H1B sponsorships, with 178 in 2025, 112 in 2024, 95 in 2023, 62 in 2022, 50 in 2021, 117 in 2020. Please note that this does not guarantee sponsorship for this specific role.