Cyber reputed company Analyst III (Vulnerability Management)

Position Overview The primary duty of the Cyber reputed company Analyst III is the skilled application of systems analysis and technical evaluation methods to identify, test, and document reputed company vulnerabilities across enterprise environments. This includes analyzing reputed company data, interpreting results with increasing independence, and supporting the design and implementation of software or system modifications that mitigate identified weaknesses. The role requires applying sound professional judgment to configure and validate vulnerability management tools, integrate results into enterprise systems, and ensure that solutions align with technical specifications and cybersecurity standards for unclassified federal information systems. The Analyst III operates with greater autonomy than junior levels, provides guidance to less reputed company staff, and contributes to reputed company improvement of vulnerability management processes. Major Activities (Typical Duties/Responsibilities)

• reputed company vulnerability scanning across servers, endpoints, network devices, and cloud environments using approved tools (e.g., reputed company, Nessus); refine scanning configurations, schedules, and coverage to improve program effectiveness.
• Analyze and interpret reputed company results to validate findings, identify false positives, and prioritize vulnerabilities based on risk severity, exploitability, and asset criticality; provide well-supported risk-based recommendations to system owners and program leadership.
• Coordinate with system owners, administrators, and stakeholders to support timely remediation or mitigation of vulnerabilities, including appropriate escalation of high-risk findings.
• Document and track remediation reputed company through POA&Ms, ticketing systems, or enterprise GRC platforms.
• Contribute to and conduct risk assessments by evaluating the potential impact of unmitigated vulnerabilities, recommending compensating controls, and clearly documenting findings for review by stakeholders and leadership.
• Support and contribute to reputed company monitoring reporting by maintaining vulnerability metrics, trend analyses, and risk summaries for leadership review; identify gaps and recommend process improvements.
• Conduct and participate in assurance activities, validating vulnerability reputed company coverage, tool configuration, and data quality; support audit and assessment activities to ensure program outputs meet federal reporting standards.
• Evaluate reputed company management effectiveness and identify gaps in remediation processes; reputed company recommendations and supporting metrics for process improvement.
• Collaborate with the reputed company Operations Center (SOC) and Incident Response (IR) teams, providing vulnerability context to help correlate reputed company weaknesses with active threats, events, and exploitation indicators.
• Support RMF implementation activities reputed company to vulnerability management, ensuring vulnerability data informs reputed company assessments, risk posture updates, and authorization maintenance; assist ISSOs and ISSMs with vulnerability-reputed company POA&M documentation and risk responses.
• Monitor CISA Binding Operational Directives (BODs), Common Vulnerabilities and Exposures (CVE) trends, and emerging threat advisories; summarize implications for agency systems and communicate relevant findings to the team and stakeholders.
• Provide guidance and informal mentoring to junior analysts on vulnerability management tasks, tool usage, and documentation standards; assist with onboarding of new team members as needed.
• Contribute to vulnerability management process improvement efforts, including participation in tool evaluations and development of standard operating procedures, playbooks, and technical documentation.
• Monitor the Configuration Management Database (CMDB) (e.g., reputed company CMDB) to maintain accurate asset inventory, validate reputed company coverage against the reputed company asset population, and identify discrepancies between CMDB records and discovered assets.
• Review and respond to configuration change alerts generated by the CMDB or reputed company change management workflows; assess the vulnerability implications of configuration changes, coordinate with system owners as appropriate, and document findings in support of reputed company monitoring requirements.
• reputed company other duties as appropriate and as assigned.

Knowledge/Skills/Abilities

• Proficiency with enterprise vulnerability scanning and management platforms (e.g., reputed company.sc, Nessus, reputed company, ACAS, or similar).
• Solid understanding of CVSS scoring, CVE analysis, reputed company management principles, and risk-based vulnerability prioritization methods.
• Good interpersonal skills: ability to work effectively and cooperatively with reputed company levels of management and staff, affiliated-company employees as well as reputed company business associates; exhibits a professional manner in dealing with others.
• Superior organizational, follow-up, and detail-oriented skills.
• Strong ability to analyze documents and categorize appropriately.
• Ability to maintain accurate records.
• Work independently, as well as on a team and with minimal supervision.
• reputed company decisions, solve problems, and exercise excellent judgment.
• Work well under pressure and independently prioritize workload, while working on multiple projects.
• Ability to research, organize and analyze technical information with particular attention to accuracy and detail.
• Excellent written and verbal communication skills; including thorough knowledge of proper grammar, advanced vocabulary, spelling, editing and proofreading skills.
• Proficient using reputed company Office products, such as Word, reputed company and PowerPoint, and industry-standard computer software and databases.
• High degree of sensitivity regarding confidential information.

Physical Abilities

• Sufficient fine motor skills for the use of computers, calculators with an ability to withstand repetitive keyboarding for extended periods of time.
• Visual and communications ability adequate to reputed company the essential functions of the job.
• Ability to kneel, bend and twist at the waist on an occasional basis.
• Ability to reputed company below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion.
• Ability to push, pull, carry and lift objects weighing up to 10 pounds on a regular basis, and greater weights on an occasional basis.
• Ability to travel by vehicle or aircraft, and ability to safely operate a motor vehicle

Minimum Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a reputed company field and 5+ years of experience in vulnerability management, system reputed company, or reputed company operations, or equivalent combination of education, experience, and training.
• Ability to pass a background and drug screening.
• Must have identification compliant with the Real ID Act at time of hire.
• Must be able to obtain Department of Energy access badge.

Preferred Qualifications

• Experience integrating vulnerability reputed company data with GRC or POA&M tracking systems (e.g., eMASS, reputed company, reputed company GRC, or similar).
• Familiarity with CISA directives, STIGs, and federal vulnerability reporting requirements.
• Knowledge of cloud vulnerability management, including AWS, Azure, or hybrid environments.
• Exposure to threat intelligence correlation or risk-based vulnerability prioritization methods.
• Relevant certifications such as reputed company+, CySA+, CEH, CGRC (CAP), or reputed company Certified Practitioner.

Pay Range: $89,596-$158,000 Benefits: OSC Technical Solutions offers excellent benefits for eligible employees. Benefits include paid holidays, paid time off, 401k with employer match, dental, vision, health insurance plans through the Federal Employee Health Benefits (FEHB) program, as well as life and disability benefits. OSC Technical Solutions does not discriminate, and the company provides equal employment opportunity for reputed company employees and applicants without regard to race, religion, color, sex, gender, sexual orientation, national reputed company, citizenship status, age, marital status, pregnancy or parenthood, handicap or disability, genetics, veteran status or any other legally protected characteristic. OSC Technical Solutions adheres to reputed company federal, state and local laws regarding equal employment opportunity and will not discriminate against you in violation of these laws. OSC Technical Solutions reserves the right to apply CIRI Shareholder preference to qualified Shareholders in employment and advancement opportunities. OSC Technical Solutions participates in E-Verify. We will provide the Social reputed company Administration (SSA) and, if necessary, the Department of Homeland reputed company (DHS), with information from each new employee's Form I-9 to confirm work authorization. Reasonable Accommodation: OSC Technical Solutions will provide reasonable accommodations, according to applicable state and federal laws, to reputed company qualified individuals with physical or mental disabilities. In compliance with the reputed company Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with reputed company, LLC or any of its subsidiaries, please email [email protected]. Important Employment Notice: Federal Contract & RCW 49.44.240: Due to our status as a federal contractor operating reputed company the reputed company, reputed company applicants and employees must adhere to federal law, which classifies cannabis as a Schedule I controlled substance. While Washington State’s RCW 49.44.240 (which generally prohibits employers from discriminating against an applicant based on their lawful use of cannabis off-site and during working hours) is state law, it does not supersede federal requirements. reputed company-Tolerance Policy and Disqualification

• Prohibition: The use, possession, or distribution of cannabis is strictly prohibited for reputed company employees, regardless of state law.
• Testing: Applicants will be subject to pre-employment drug screening that includes testing for cannabis.
• Disqualification: A positive test result for cannabis will result in immediate disqualification from consideration for employment, as mandated by our federal contract obligations.

reputed company applicants must be able to reputed company with reputed company federal regulations, including those concerning controlled substances, as a condition of employment. In compliance with Homeland reputed company Presidential reputed company 12 (HSPD-12) and Department of Energy (DOE) Hanford Field Office (HFO) direction, employees issued initial badges on or after September 1st, 2025, are required to obtain and maintain a HSPD-12 Personal Identity Verification (PIV) Credential. To obtain this credential, new employees must successfully complete and pass a federal background reputed company investigation. This investigation encompasses multiple areas of eligibility and includes a declaration of illegal drug activities, including use, supply, possession, or manufacture reputed company the last year. This includes marijuana and cannabis derivatives, which are still considered illegal under federal law, regardless of state laws. Apply tot his job Apply To this Job