Vulnerability Management, Tenable/Nessus & Metrics Analyst @InstantServe LLC
All Others
Salary unspecified
Remote Location
🇺🇸 USA Only
Employment Type full-time
Posted YDay

[Hiring] Vulnerability Management, Tenable/Nessus & Metrics Analyst @InstantServe LLC

YDay - InstantServe LLC is hiring a remote Vulnerability Management, Tenable/Nessus & Metrics Analyst. 💸 Salary: unspecified 📍 Location: USA

Role Description

We are seeking a Vulnerability Management, Tenable/Nessus & Metrics Analyst to support vulnerability management, security metrics, remediation tracking, and dashboard reporting in a federal technology environment. This role is designed for an analyst with approximately 1-3 years of relevant experience who can work hands-on with Tenable/Nessus data, Excel, Power BI, iPost exports, ticketing records, and remediation evidence. The analyst will help identify affected systems, validate findings, track remediation ownership, monitor KEVs and Critical/High vulnerabilities, reconcile data across sources, and support leadership reporting. The role should be positioned as an execution and coordination role.

Primary Responsibilities

  • Perform and review Tenable/Nessus scan exports and dashboards to identify affected assets, plugins, CVEs, severity, first-seen dates, last-seen dates, plugin output, vulnerability age, and remediation guidance.
  • Run approved ad hoc Tenable/Nessus scans when requested by TIOCA Security, product teams, ISSO, or leadership, using approved scan templates, credentialed scan profiles, scan windows, and target lists.
  • Create and maintain Tenable/Nessus native dashboards, saved views, reports, filters, asset groups/tags where permitted, and recurring exports for KEVs, Critical/High findings, stale findings, aging, ownership, and validation status.
  • Monitor scan jobs, confirm scan completion, export results, identify scan failures or credential issues, and escalate scan coverage or authentication problems to senior security staff or platform administrators.
  • Help validate whether findings are true positives, duplicates, stale/residual artifacts, configuration issues, missing patches, unsupported software, or application dependencies.
  • Track KEV status, Critical/High vulnerabilities, exploitable findings, internet-facing risk indicators if available, and vulnerabilities tied to DOS or federal remediation timelines.
  • Use Tenable/Nessus evidence to support ownership assignment, remediation planning, retest validation, and closure evidence.
  • Reconcile Tenable/Nessus data against iPost, ServiceNow/CA ServiceDesk, Jira, POA&M trackers, Excel files, SharePoint trackers, and remediation evidence.
  • Escalate unclear Tenable/Nessus findings to senior security staff, system owners, application teams, SO/Windows Services, infrastructure, database teams, or ISSO stakeholders for ownership decisions.
  • Operate within approved rules of engagement.

Vulnerability Management Lifecycle Support

  • Support the vulnerability lifecycle: intake, triage, validation, ownership assignment, prioritization, remediation tracking, retest support, closure evidence collection, and recurrence monitoring.
  • Track KEVs, Critical/High vulnerabilities, EOL/EOS software, iPost findings, POA&M-related findings, patch findings, application-impacting vulnerabilities, and blocked remediation items.
  • Identify remediation path options such as patching, software upgrade, dependency upgrade, configuration change, file removal, compensating control, risk acceptance, or decommissioning.
  • Document blockers, stale findings, aging risk, unclear ownership, cross-team dependencies, and evidence gaps.
  • Help maintain action trackers with owners, due dates, next steps, escalation status, and evidence status.
  • Support weekly vulnerability review meetings, Critical/High/KEV response sessions, POA&M reviews, and monthly reporting cycles.

Metrics, Reporting, and Power BI Dashboarding

  • Build and maintain basic to intermediate Power BI dashboards and Excel-based reports for vulnerability posture, Tenable/Nessus findings, iPost/Tenable reconciliation, patch compliance, aging, ownership, and closure evidence.
  • Build Tenable/Nessus-native dashboards and reports in addition to Power BI, including saved filters/views for KEVs, Critical/High findings, assets by owner, scan coverage, authentication failures, stale findings, aging, and remediation validation.
  • Create report views for open findings by severity, KEV status, application/system, owner/team, age, due date, remediation status, and blocked status.
  • Support recurring reports for KEVs, Critical/High findings, EOL/EOS software, Tenable/iPost mismatches, findings awaiting validation, overdue findings, closure trends, and executive summary snapshots.
  • Use Power Query, data cleaning steps, relationships, filters, slicers, basic DAX measures, and refresh procedures to make reports repeatable.
  • Document KPI definitions, data sources, refresh cadence, report assumptions, ownership rules, and known data-quality limitations.
  • Convert technical vulnerability data into clear status reporting that shows risk, owner, due date, blocker, evidence, and decision needed.

Coordination and Evidence Support

  • Coordinate with TIOCA Security, TIOCA Dev/Product teams, SO/Windows Services, production infrastructure, database teams, cloud teams, ISSO teams, and government stakeholders to track remediation through closure.
  • Collect and organize closure evidence such as rescans, version checks, ticket notes, screenshots, deployment records, release notes, POA&M artifacts, iPost/Tenable updates, and ISSO validation evidence.
  • Help distinguish between product/application responsibilities and production/server-level responsibilities so findings are assigned to the correct owner.
  • Support tracking where SO or shared infrastructure owns deployment but TIOCA needs application validation, evidence, or product-owner input.
  • Help maintain SOPs, RACI notes, dashboard metric definitions, and remediation workflow documentation.

Qualifications

  • 1-3 years of experience in cybersecurity operations, vulnerability management, security operations, cyber GRC, IT operations, application support, or related technical/security work.
  • Hands-on exposure to Tenable/Nessus vulnerability data, including plugins, CVEs, severity, affected assets, plugin output, first-seen/last-seen dates, and remediation guidance.
  • Ability to run authorized ad hoc Tenable/Nessus scans using approved scan templates, target lists, credentials, scan windows, and documented rules of engagement.
  • Ability to create or maintain Tenable/Nessus dashboards, saved filters, reports, and exports for vulnerability review and remediation tracking.
  • Ability to work with vulnerability exports from Tenable/Nessus and organize findings in Excel, Power BI, SharePoint, Jira, ServiceNow/CA ServiceDesk, or similar tools.
  • Working understanding of vulnerability management concepts such as severity, KEV, CVE, false positive, remediation evidence, rescan validation, aging, ownership, dependencies, risk acceptance, and due dates.
  • Intermediate Power BI or reporting experience, including data imports, transformations, tables, charts, filters, slicers, and dashboard maintenance.
  • Strong Excel skills, including filtering, lookups, pivots, conditional formatting, data cleanup, and comparison across exports.
  • Ability to communicate clearly with technical teams and non-technical stakeholders about finding status, blockers, evidence, and next steps.
  • Strong attention to detail and willingness to reconcile messy data across multiple sources.
  • Familiarity with iPost, Tenable/Nessus, ServiceNow, Jira, ServiceDesk, SharePoint, Power BI, Splunk, or similar reporting/security tools.
  • Exposure to application development, product teams, DevSecOps, SAST, SCA, DAST, container scanning, secrets scanning, or SBOM tooling.
  • Experience tracking EOL/EOS software, patch compliance, POA&M aging, remediation exceptions, risk acceptance, or closure evidence.

Preferred Qualifications

  • Experience supporting federal government cybersecurity programs or regulated environments.
  • Familiarity with NIST SP 800-53, RMF, A&A, ATO, POA&M tracking, CISA KEV, BOD 22-01, FedRAMP, or federal vulnerability remediation expectations.
  • Exposure to application development, product teams, DevSecOps, SAST, SCA, DAST, container scanning, secrets scanning, or SBOM tooling.
  • Basic understanding of Windows Server, Windows workstation, .NET Framework, Java JRE, SQL Server, browser updates, endpoint agents, and common enterprise patching concepts.