Vulnerability Analyst

About Swooped

Our client, Swooped, is on a mission to make the world a safer place by solving its clients’ hardest cybersecurity challenges. The team works at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. The organization has offices across the U.S. and U.K., and supports clients around the world.

Swooped is comprised of thought leaders, consultants, and cybersecurity experts, but above all else, it is a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

About The Vulnerability Analyst Role

Swooped is looking for a continuous monitoring engineer to work on its vulnerability management processes, driving compliance and security in cloud-based environments. If you are driven by a desire to innovate, excel at operational excellence, and thrive in a collaborative environment, come be part of a team committed to making the world a safer place.

Key Responsibilities

• Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment justification, and deviation requests in coordination with 3PAO assessors and federal stakeholders
• Collect, organize, and maintain security control evidence and artifacts for monthly continuous monitoring deliverables and assessment/authorization activities, ensuring alignment with FedRAMP, HITRUST, PCI, and similar frameworks
• Maintain accurate system inventory and authorization boundary documentation to ensure scanning scope aligns with approved system boundaries
• Analyze scan results for false positives, document justifications, and prepare deviation requests with supporting risk assessments
• Translate technical vulnerability findings into risk-based language for federal clients and authorization officials, presenting monthly status briefings as needed
• Collaborate with development, SRE, and infrastructure teams to integrate vulnerability management into CI/CD pipelines, cloud environments (AWS, Azure, GCP), and container/Kubernetes platforms
• Participate in change management processes to ensure continuous monitoring activities align with system changes and maintain compliance posture
• Support and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches
• Run regular and on-demand scans across operating systems, databases, web applications, and containers, then work with technical teams to create tickets for remediation
• Track and document vendor dependencies, operational requirements, and open vulnerabilities, producing clear monthly reports and updates for clients
• Contribute to improving internal standards and processes, including maintaining documentation, training materials, and standard operating procedures

Required Qualifications

• 3–5 years of professional experience in vulnerability management, compliance monitoring, or related security operations roles
• Hands-on expertise with operating system, database, network, container, web application, and API vulnerability management
• Direct experience supporting vulnerability management in at least two of the following cloud providers: AWS, Azure, GCP
• Background working within at least one compliance framework (for example, FedRAMP, HITRUST, PCI), including risk assessment and reporting
• Experience delivering monthly or periodic vulnerability status reports and tracking remediation efforts with internal and external teams
• Administrator-level certification in AWS, Azure, or GCP
• Working knowledge of cloud architecture and security controls in AWS, Azure, or GCP, including ability to assess attack surfaces and recommend cloud-native remediation approaches
• Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) and risk prioritization frameworks
• Understanding of NIST 800-53 security controls, particularly RA-5, SI-2, CM-6, and how continuous monitoring supports control implementation
• Experience with STIG benchmarks and automated compliance scanning tools (SCAP, SCC)
• Familiarity with baseline configuration standards (CIS Benchmarks, vendor hardening guides) and compliance posture reporting
• Ability to distinguish false positives from true vulnerabilities and articulate risk-based justifications for deviation requests
• Proficiency in scripting languages (Python, PowerShell, Bash) for task automation, report generation, and remediation workflows
• Strong client-facing communication and documentation skills, with ability to present technical findings to federal stakeholders and produce timely compliance reports
• Ability to work efficiently with cross-functional technical teams to investigate, prioritize, and coordinate vulnerability remediation efforts
• Bachelor’s degree or equivalent work experience.

Preferred Qualifications

• Security-focused cloud certifications for AWS, Azure, or GCP
• CISSP
• Familiarity with container security scanning tools (Trivy, Anchore, Snyk) and Kubernetes security postures
• Knowledge of software composition analysis (SCA) and static/dynamic application security testing (SAST/DAST) tools
• Familiarity with CI/CD security integration patterns and DevSecOps toolchains

Why Join Swooped?

Swooped provides the support needed to thrive personally and professionally. In many cases, a flexible work model is provided that empowers individuals to choose when and where they will work most effectively – whether at home or an office.

Key skills/competency

• Vulnerability Management
• Cloud Security
• Compliance Frameworks (FedRAMP, HITRUST, PCI)
• Risk Assessment
• Security Operations
• CI/CD Security
• AWS, Azure, GCP
• Scripting (Python, PowerShell, Bash)
• NIST 800-53
• Container Security