
Vulnerability Management / Remediation Analyst
Job Description
Location: 100% Remote
Client: Solventum (formerly part of 3M)
PV: Siliconstartech
Employment Type: W2 Only
Duration: Long-term
No. of Openings: 2
Rate: $40/hr (W2 Max)
Work Authorization: USC / GC / GC EAD / H4 EAD
Note: No H1B
Job Summary
We are seeking a highly skilled Vulnerability Management / Remediation Analyst specializing in asset discovery, risk prioritization, and vulnerability remediation. This role is strictly focused on vulnerability management and remediation analysis — not a general Cyber Security Analyst position.
Candidates must have strong enterprise-level experience, preferably with Fortune 500 companies similar in scale to Solventum. Profiles from government clients will not be considered. Experience with SAP environments is a plus.
Excellent communication skills are mandatory. Candidates must be articulate, confident, and able to clearly explain their projects and technical experience.
Key Responsibilities
• Support vulnerability identification, prioritization, triage, tracking, and remediation coordination
• Analyze vulnerability scan outputs across platforms such as Qualys, Orca, Nexus, Checkmarx, and Varonis
• Prioritize vulnerabilities using established risk frameworks and CVE scoring methodologies
• Create remediation tickets and track progress using workflow orchestration tools
• Coordinate cross-functional remediation efforts across infrastructure, applications, cloud, and SAP teams
• Support compliance, reporting, and vulnerability program KPIs
• Interpret vulnerability data and provide actionable remediation recommendations
Required Skills & Experience
• Strong hands-on experience with vulnerability scanning tools (Qualys, Nessus, Orca, etc.)
• Experience with code scanning tools such as Checkmarx and Nexus
• Solid understanding of CVE scoring, exploitability analysis, and risk prioritization frameworks
• Experience working with remediation tracking tools (ServiceNow, Jira)
• Strong communication skills with cross-functional remediation teams
• Experience with vulnerability dashboards and reporting metrics (preferred)
Preferred Certifications
Candidates with the following certifications are strongly preferred:
• GIAC Enterprise Vulnerability Assessor (GEVA) – Gold standard for Vulnerability Management
• CompTIA PenTest+ or Certified Ethical Hacker (CEH)
• Certified Vulnerability Assessor (CVA)
Essential Tools Experience
• Scanners: Tenable Nessus, Qualys VMDR, Rapid7 InsightVM
• Web Application Security: Burp Suite, Invicti (formerly Acunetix)
• Remediation Tracking: ServiceNow, Jira
• Cloud Security: Wiz, Prisma Cloud
Important Notes
• Candidates must have strong enterprise experience (Fortune 500 preferred)
• Government project backgrounds will not be considered
• SAP environment experience is a plus
• No proxy interviews or external assistance during interviews
• Candidates must not wear headsets during interviews