In-Demand IT Careers

IT Systems Analyst (Vulnerability Management)

Greater Pittsburgh Area, PA 15222

Posted: 03/15/2019 Job Number: 3426

The IT Systems Analyst (Vulnerability Management) is responsible for maintaining and executing the company’s comprehensive vulnerability management program in order to mitigate threats posed in the environment. You’ll interact with multiple technology stakeholders in order to facilitate the vulnerability management program, as well as assist in the overall execution of the company’s security and compliance portfolio.


  • Maintain and execute associated vulnerability management procedures

  • Evaluate risk of vulnerabilities to ensure that results are accurate and appropriately risk-categorized

  • Track dashboards to denote risk ratings and target service level agreement goals, including risk acceptance and alternative action plans

  • Work with stakeholders to help define remediation plans for vulnerabilities according to established procedures, SLAs and remediation timetables

  • Execute validation functions to ensure proper closure of the vulnerability

  • Maintain metrics relative to vulnerability management for reporting

  • Enhance the use of vulnerability management software tools to gather information about the company’s security posture; monitoring compliance with company’s security-hardening standards across all company technology platforms

  • Be knowledgeable of new security threats, vulnerabilities and industry solutions, as well as security technology trends and advances; advising management on how these threats can affect information assets and providing recommendations for mitigating them

  • Assist with third-party security, threat and vulnerability assessment activities

  • Execute of the company’s security compliance program to ensure adherence to security best practices, regulatory requirements and company’s security policies

  • Participate on project working teams that introduce new capabilities and technologies to ensure that vulnerability and hardening exposure is managed


  • Bachelor’s degree in information systems or related field, or an equivalent combination of education and work experience; industry certification or eligibility preferred (e.g., Security: CISSP, CISA and CRISC; Technical: OWASP)

  • 3 to 5 years of experience in information security or a combination of information security and IT/IS audit or related discipline

  • Strong knowledge of vulnerability management processes to support external, internal and web application scanning practices

  • Solid understanding of operational baselines hardening (e.g., CIS Benchmarking) standards

  • Deep knowledge of web application coding (dynamic) scanning practices

  • Strong spreadsheet and data analytic skills (including detail focus and critical thinking)

  • Knowledge of static code analysis tools is a plus

  • Working knowledge of information security best practices, technology control frameworks (e.g., NIST CSF and COBIT) and information security risk management standards

  • Knowledge of IT service management processes and related control activities in the areas of change management, computer operations, database administration, information security administration, network security, operating system security and web application security

  • Strong aptitude for technology, an ability to learn quickly, and a desire to solve problems and improve processes

Our Benefits?

Comprehensive medical, dental and vision



OpenArc is an equal opportunity employer

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.

"Whether you are looking to fill or looking to advance your career, I would strongly suggest speaking to Scott and his team at OpenArc. Scott and his team provided a consultative and hands on approach throughout the entire process in my recent transition. Their unique approach was unlike anything I've experienced either as a candidate or a hiring manager,"

-Mark Quinn, Service Sales Executive at Siemens Medical Solutions, USA, Inc.

"Working with OpenArc was a great experience. The position I accepted was accurately described and my questions on benefits, paid time-off, and holidays and more were promptly answered. The entire OpenArc team was a very professional and to the point. I highly recommended OpenArc to all of my peers."

- Lisa McLaughlin, Executive Director, ACAPT

Take the Next Step

Find the right job now