Vulnerability Management Analyst - Secret Clearance Required
Job Summary
Security Clearance: Active Secret clearance required (Interim ok)
Travel Requirement: Up to 10%
Citizenship: US Citizenship required
Sherpa 6 is seeking a highly motivated and skilled Vulnerability Management Analyst to join our team. We build mission-critical systems for the Department of Defense (DoD) and other commercial customers. You'll be responsible for identifying, assessing, prioritizing, and tracking remediation of security vulnerabilities across our software development process. You will partner with infrastructure, application, and security teams to ensure risks are properly understood, addressed, and reported.
Responsibilities:
- Perform regular vulnerability scans across cloud, on-prem, application, and endpoint environments.
- Work alongside Software and DevSecOps teams to develop strategies for incorporating vulnerability detection and management in CI/CD pipelines as part of our software development process.
- Analyze scan results, validate findings, and assign severity based on industry standards (e.g., CVSS), business context, and exploitability.
- Work collaboratively with engineering and operations teams to drive timely remediation of vulnerabilities.
- Monitor external threat intelligence and evaluate emerging vulnerabilities (e.g., zero-days, trending exploits).
- Maintain the vulnerability management platform and improve scanning coverage and accuracy.
- Support patch management processes and ensure alignment with remediation SLAs.
- Assist in developing and refining policies, procedures, and best practices for vulnerability management.
- Participate in incident response efforts when vulnerabilities contribute to active threats.
- 7 years of experience in cybersecurity, vulnerability management, or related fields.
- 3 years of experience working alongside software development and DevSecOps teams as part of the software development process
- Hands-on experience with tools such as Tenable, Qualys, Rapid7, OpenVAS, or similar.
- Strong understanding of CVE, CVSS, NIST, CIS benchmarks, and vulnerability classification frameworks.
- Familiarity with cloud platforms (AWS, Azure, GCP).
- Ability to interpret vulnerability findings, identify actual risk, and communicate clearly with technical and non-technical stakeholders.
- Knowledge of patch management practices and change management workflows.
- Understanding of network architecture, security controls, and common attack vectors.
- Excellent analytical and problem-solving skills with a keen attention to detail.
- Strong communication and interpersonal skills with the ability to effectively collaborate with cross-functional teams
- Must be a US citizen
Qualities of Exceptional Candidates:
- Relevant certifications (Security+, CySA+, CEH, GSEC, or similar).
- Experience with automation or scripting (Python, PowerShell, Bash).
- Background in secure configuration management, container security, or DevSecOps tooling.
- Knowledge of SIEM or threat detection platforms.
About Sherpa 6:
At Sherpa 6, we love to solve problems and provide the best solutions for our customers. Our approach to a problem is to find a user-focused and design-driven solution that is simple yet functional and effective. We are a group of enthusiastic forward-thinkers who are excited to build amazing solutions with bleeding-edge technology. We hire people who are forward thinkers, passionate about what they do, love to collaborate, and want to constantly learn. We enjoy what we do and we're not afraid to put the extra effort in to accomplish the mission; call us Sherpas. As a Service-Disabled Veteran Owned Small Business, we know what it means to serve. We have made it our mission to be the leaders in solutions that protect and give our Warfighters the edge they need when put into harm's way.
Background Screening/Check/Investigation:
Successful completion of a background screening/check/investigation will/may be required as a condition of hire.
ADA:
Sherpa 6 will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990.
EEO/AA:
Sherpa 6 does not discriminate based on race, color, national origin, sex, religion, age, disability, sexual orientation, gender identity, veteran status, height, weight, or marital status in employment or the provision of services and is an equal access/opportunity/affirmative action employer.
Benefits:
We offer a competitive benefits package covering the cost of medical for you and your family; we also offer dental, vision, health and wellness benefits, and a generous retirement savings plan. We believe that our employees can manage their workload and their personal life; therefore, we extend a generous PTO policy. This allows our employees to balance their lives as they see fit.
Salary Range
The proposed salary range is reflective across all Sherpa 6 locations, years of experience, and skill levels. Salary negotiations will be based on a host of factors including, but not limited to, your geographic location, prior experience, relevant skills, education, and certifications.
Required Experience:
IC
About Company
Sherpa 6 is a Veteran-Owned full-service engineering firm and the answer for all your design, development, and engineering needs.