Security Vulnerability Analyst

Overview

Stefanini Group is looking for a Cyber Security Vulnerability Analyst to complement the technical capabilities of our Security Operations Center (SOC), part of Infrastructure Services (INFRA) Division. As a Vulnerability Analyst, you will act as the technical point of contact for vulnerability management activities. You will independently deliver vulnerability assessment services, support client interactions, and provide actionable risk-based insights while ensuring high-quality service delivery within an MSSP environment.

• Serve as a technical escalation point for client vulnerability management-related issues.
• Perform vulnerability assessment scanning, false positive validation, compliance scanning, and policy configuration using various vulnerability management tools.
• Review security vulnerabilities across multiple technologies and environments to identify high-risk issues affecting business assets.
• Conduct risk, threat, and vulnerability analysis, including understanding exploitation techniques and attack paths.
• Provide clear remediation guidance and assist clients in prioritizing vulnerabilities based on risk and impact.
• Support patch management and remediation tracking activities.
• Integrate, analyze, and communicate vulnerability metrics, trends, and risk posture to clients and internal management.
• Ensure vulnerability management activities comply with defined SLAs, processes, and client requirements.
• Contribute to continuous improvement of vulnerability management processes and reporting.
• Participate in mentoring junior analysts and knowledge-sharing activities.

• 2-3+ years of hands-on experience in vulnerability management or patch management.
• 3-5 years of experience in IT and/or Cybersecurity roles.
• Experience with vulnerability assessment tools such as Microsoft Defender Vulnerability Assessment, Nessus, Qualys or Rapid
  7.
• Strong understanding of vulnerability classes and classification schemes (CVE, CVSSv2/v3, CWE, CPE).
• Ability to analyze vulnerabilities and assign meaningful severity and remediation priorities.
• Good technical knowledge of networks, firewalls, operating systems, and enterprise environments.
• Understanding of related security domains (e.g., Incident Response, IAM, Threat Assessment).
• Strong analytical and problem-solving skills.
• Good written and verbal communication skills in English, including client-facing communication.
• Ability to work independently and manage multiple priorities in an MSSP environment.

• Excellent written and verbal communication skills in English.
• Excellent at communicating technical problems and solutions to both technical and non-technical audiences.
• Strong analytical and problem-solving skills.
• Ability to work collaboratively with cross-functional teams.
• Strategic mindset with the ability to think critically and make data-driven decisions.
• High degree of initiative, dependability and ability to work with little supervision.

It's best to apply today, because job postings can be taken down and we wouldn't want you to miss this opportunity. For more information, contact

The preceding job description is intended to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties and responsibilities required of employees assigned to this job.

Here at the Stefanini Group, we value plurality and equity, regardless of race, sexual orientation, disability, age, ancestry, religion, gender, and nationality. We understand and encourage the importance of being you!

We are the Stefanini group, a global tech consulting company of Brazilian origin that believes in the power of people to transform businesses through technology. We are present in over 40 countries and operate with the purpose of co-creating solutions TOGETHER WITH OUR CLIENTS that accelerate results and improve the experience of people and organizations. Our mindset is AI First, meaning we invest in cutting-edge technology in everything we do,…