×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Support

Vulnerability Management, Tenable​/Nessus & Metrics Analyst

Job in Crystal City, Zavala County, Texas, 78839, USA
Listing for: Intellect Solutions LLC
Full Time position
Listed on 2026-06-05
Job specializations:
  • IT/Tech
    Cybersecurity, IT Support
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below
Location: Crystal City

Clearance: Minimum Active Secret or above

Position Summary

We are seeking a Vulnerability Management, Tenable/Nessus & Metrics Analyst to support vulnerability management, security metrics, remediation tracking, and dashboard reporting in a federal technology environment. This role is designed for an analyst with approximately 1-3 years of relevant experience who can work hands‑on with Tenable/Nessus data, Excel, Power BI, iPost exports, ticketing records, and remediation evidence. The analyst will help identify affected systems, validate findings, track remediation ownership, monitor KEVs and Critical/High vulnerabilities, reconcile data across sources, and support leadership reporting.

The role should be positioned as an execution and coordination role. The analyst will not be expected to own enterprise security operations, perform all production patch deployments, or act as the ISSO. The analyst will support TIOCA Security and product/application teams by making vulnerability data accurate, actionable, and reportable.

Primary Responsibilities
  • Tenable/Nessus Vulnerability Analysis, Ad Hoc Scanning, and Native Dashboards
    • Perform and Review Tenable/Nessus scan exports and dashboards to identify affected assets, plugins, CVEs, severity, first‑seen dates, last‑seen dates, plugin output, vulnerability age, and remediation guidance.
    • Run approved ad hoc Tenable/Nessus scans when requested by TIOCA Security, product teams, ISSO, or leadership, using approved scan templates, credentialed scan profiles, scan windows, and target lists.
    • Create and maintain Tenable/Nessus native dashboards, saved views, reports, filters, asset groups/tags where permitted, and recurring exports for KEVs, Critical/High findings, stale findings, aging, ownership, and validation status.
    • Monitor scan jobs, confirm scan completion, export results, identify scan failures or credential issues, and elevate scan coverage or authentication problems to senior security staff or platform administrators.
    • Assist in validating whether findings are true positives, duplicates, stale/residual artifacts, configuration issues, missing patches, unsupported software, or application dependencies.
    • Track KEV status, Critical/High vulnerabilities, exploitable findings, internet‑facing risk indicators if available, and vulnerabilities tied to DOS or federal remediation timelines.
    • Use Tenable/Nessus evidence to support ownership assignment, remediation planning, retest validation, and closure evidence.
    • Reconcile Tenable/Nessus data against iPost, Service Now/CA Service Desk, Jira, POA&M trackers, Excel files, SharePoint trackers, and remediation evidence.
    • Escalate unclear Tenable/Nessus findings to senior security staff, system owners, application teams, SO/Windows Services, infrastructure, database teams, or ISSO stakeholders for ownership decisions.
    • Operate within approved rules of engagement. The role may run authorized ad hoc scans and build Tenable reports, but is not expected to be the enterprise Tenable platform administrator or final approver for scan policy changes.
  • Vulnerability Management Lifecycle Support
    • Support the vulnerability lifecycle: intake, triage, validation, ownership assignment, prioritization, remediation tracking, retest support, closure evidence collection, and recurrence monitoring.
    • Track KEVs, Critical/High vulnerabilities, EOL/EOS software, iPost findings, POA&M-related findings, patch findings, application‑impacting vulnerabilities, and blocked remediation items.
    • Identify remediation path options such as patching, software upgrade, dependency upgrade, configuration change, file removal, compensating control, risk acceptance, or decommissioning.
    • Document blockers, stale findings, aging risk, unclear ownership, cross‑team dependencies, and evidence gaps.
    • Help maintain action trackers with owners, due dates, next steps, escalation status, and evidence status.
    • Support weekly vulnerability review meetings, Critical/High/KEV response sessions, POA&M reviews, and monthly reporting cycles.
  • Metrics, Reporting, and Power BI Dashboarding
    • Build and maintain basic to intermediate Power BI dashboards and Excel‑based reports for vulnerability posture,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search