Senior Cloud Architect - Vulnerability & Risk Management

The Vulnerability Management and Configuration Assurance (VMCA) Analyst plays a critical role in identifying, assessing, and reducing cyber risk across the enterprise by delivering effective vulnerability management and configuration assurance capabilities. This role is responsible for driving visibility into vulnerabilities and misconfigurations, ensuring alignment with secure baseline standards, and enabling risk-informed remediation across on-premises, cloud, and hybrid environments.

The analyst leverages enterprise security tools and data analytics to assess vulnerabilities, monitor configuration compliance, and provide actionable insights that strengthen the organization’s overall security posture. This includes analyzing scan results, prioritizing remediation efforts based on risk and exploitability, and implementing compensating controls where necessary.

Working closely with cross-functional teams—including Infrastructure, Cloud, Engineering, and Business Information Security Officers (BISOs)—the VMCA Analyst ensures that vulnerabilities are effectively remediated and configuration standards are consistently applied. The role also supports governance, audit readiness, and executive reporting by delivering clear, accurate, and actionable risk metrics and insights.

Core Responsibilities

• Vulnerability Management Tools: Hands-on experience with enterprise scanning platforms (e.g., Qualys, Wiz, Tenable, Rapid7) to identify, assess, and track vulnerabilities across endpoints, servers, and cloud services.
• Risk-Based Vulnerability Analysis: Strong understanding of CVSS scoring, exploitability, and threat context (e.g., MITRE Telecommunication&CK) to prioritize vulnerabilities based on risk and business impact.
• Configuration Assurance & Compliance: Experience assessing and validating secure configurations using automated compliance tools and aligning controls to frameworks such as CIS, NIST, ISO, and PCI-DSS.
• Data Analytics & Visualization: Ability to analyze large datasets to identify trends, anomalies, and risk concentrations, and to develop dashboards and reporting (e.g., Tableau) for technical and executive audiences.
• Cloud & Platform Security: Knowledge of cloud platforms (AWS, Azure, GCP), container environments, and hybrid infrastructure, including associated vulnerability and configuration risks.
• Security Tool Integration: Experience integrating vulnerability and configuration data into enterprise platforms such as SIEM, GRC, and ticketing systems to support governance and operational workflows.

Core Strengths

• Risk-Based Decision Making: Ability to evaluate vulnerabilities and misconfigurations based on risk, exploitability, and business impact, enabling effective prioritization and remediation strategies.
• Analytical Thinking & Problem Solving: Strong capability to analyze complex security data, identify trends and root causes, and translate findings into actionable insights.
• Attention to Detail & Audit Readiness: High level of accuracy in validating vulnerability data, configuration compliance, and exception handling, ensuring outputs are audit-ready and defensible.
• Communication & Executive Reporting: Ability to clearly articulate technical risks and remediation status to both technical teams and senior leadership, supporting informed decision-making.
• Collaboration & Influence: Proven ability to work across cross-functional teams to drive remediation, enforce security standards, and improve overall security posture.
• Operational Ownership & Continuous Improvement: Proactive mindset focused on enhancing vulnerability management processes, reducing risk exposure, and improving control effectiveness across the enterprise.

Since 1995, iTech Solutions Inc., has been providing IT Consulting and Direct Hire Services to the Insurance, Financial, Communications, Manufacturing and Government sectors with local offices in Connecticut, Minnesota, Colorado, Massachusetts, Tennessee, North Carolina, and New Jersey / Pennsylvania area.

Our recruiting strategy is simple, if you want to find qualified IT professionals then use IT professionals to find them. So at iTech Solutions, our personnel are all career IT professionals with a wide range of IT experience. We can honestly say our staff understands the technologies, the complexities of finding and selecting the appropriate personnel and the pressures of running successful IT projects.

Employer will not sponsor applicants for any employment visas, at hiring or in the future, including but not limited to H-1B visas. Corp-to-Corp or subcontract personnel will not be considered for this position.

iTech Solutions, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veterans or individuals with disabilities.