Location: New York, NY (Hybrid)
We are seeking a Cybersecurity Analyst to support and enhance a mature Vulnerability & Patch Management program within a large, complex enterprise environment. This position is ideal for a security professional who enjoys working with large datasets, vulnerability analytics, risk-based remediation, and executive-level reporting.
In this role, you will drive the full vulnerability management lifecycle, partnering with infrastructure, application, and security teams to identify, prioritize, track, and remediate vulnerabilities across the organization. You will leverage data-driven insights to improve security posture, reduce risk, and support compliance initiatives.
Manage the end-to-end vulnerability management lifecycle, including identification, analysis, prioritization, remediation tracking, and reporting.
Analyze large vulnerability datasets to identify trends, remediation opportunities, and areas of elevated risk.
Utilize Qualys VMDR to monitor, assess, and track vulnerabilities across enterprise environments.
Develop dashboards, reports, KPIs, and KRIs for leadership and operational teams.
Partner with infrastructure, application, and security teams to drive timely remediation efforts.
Monitor patch compliance, manage remediation SLAs, and escalate aging vulnerabilities as needed.
Perform advanced analysis using Excel, Power Query, Pivot Tables, and reporting tools.
Leverage Splunk and query languages to analyze security data and support vulnerability investigations.
Develop and maintain scripts and automation using Groovy and other scripting technologies.
Support audit, compliance, and regulatory requirements aligned with frameworks such as NIST and FFIEC.
Collaborate with global technology and security teams to improve vulnerability management processes and controls.
Assist with cybersecurity projects, audit remediation activities, and security initiatives as required.
3+ years of experience in Vulnerability Management, Patch Management, Cybersecurity Operations, or a related security discipline.
Hands-on experience with Qualys VMDR.
Experience working with large security or vulnerability datasets.
Advanced Microsoft Excel skills, including Pivot Tables, Power Query, VLOOKUP/XLOOKUP, and reporting.
Experience with Splunk and SPL (Search Processing Language) or similar query languages.
Experience developing or maintaining Groovy scripts.
Strong understanding of vulnerability remediation workflows, risk prioritization, and patch management processes.
Experience creating executive reporting, KPIs, and security metrics.
Knowledge of security frameworks and standards such as NIST, FFIEC, or similar.
Excellent communication and stakeholder management skills.
Experience with SIEM platforms and security analytics.
Knowledge of POAM management and remediation tracking.
Power BI reporting experience.
Financial Services or other highly regulated industry experience.
Security certifications such as CISSP, CISM, CRISC, Security+, or equivalent.
The ideal candidate combines strong cybersecurity fundamentals with exceptional data analysis skills. This person should be comfortable working with millions of vulnerability records, identifying meaningful trends, developing actionable reporting, and partnering with technical teams to drive remediation efforts across a large enterprise environment.
PRO038
#LI-DH2
Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.
Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
Companies need talent. You want job opportunities.
That’s where we come in. We create meaningful connections between companies and candidates, and we’ve been doing it for over 65 years.
Our national workforce solutions include contract, contract-to-hire, direct placement services, and managed services for a variety of industries.
We employ specialized recruiters focused in Engineering, Information Technology, Accounting & Finance, Administrative & Customer Service, and Manufacturing & Distribution.
When you need to find a job, we're your partner.