Vulnerability Assessment Analyst

Job Description

Job Description

Halvik Corp delivers a wide range of services to 13 executive agencies and 15 independent agencies. Halvik is a highly successful WOB business with more than 50 prime contracts and 500+ professionals delivering Digital Services, Advanced Analytics, Artificial Intelligence/Machine Learning, Cyber Security and Cutting-Edge Technology across the US Government. Be a part of something special!

We're seeking a Vulnerability Assessment Analyst to help identify, triage, and drive remediation of security vulnerabilities across infrastructure, endpoints, cloud, and applications. The ideal candidate brings strong vulnerability management fundamentals and a preferred skillset in ServiceNow and ServiceNow Vulnerability Response (VR) to operationalize intake, prioritization, exception handling, and reporting.

Key responsibilities

• Own day-to-day vulnerability intake, analysis, and triage from scanning and security tools; validate findings and reduce false positives.
• Perform risk-based prioritization (asset criticality, exploitability, exposure, compensating controls) and define remediation SLAs with stakeholders.
• Create and manage vulnerability remediation work in ServiceNow Vulnerability Response (VR) (e.g., groups, assignments, tasks, exceptions).
• Partner with infrastructure, cloud, and application teams to drive remediation to closure, including patching, configuration changes, or compensating controls.
• Support vulnerability operations such as retests/verification, aging management, backlog reduction, and remediation quality checks.
• Develop and maintain dashboards and metrics (open/overdue trends, MTTR, SLA compliance, recurrence) in ServiceNow and/or BI tools.
• Assist with policy and process (remediation SLAs, exception/risk acceptance workflow, evidence collection for audits).
• Contribute to continuous improvement: tuning scanner policies, workflow automation, CMDB alignment, and data quality controls.

Required qualifications

• 2+ years in vulnerability management, security operations, or related cyber role.
• This role is 100% on-site in Arlington, VA.
• Hands-on experience with vulnerability concepts and standards (e.g., CVSS, remediation validation, patch management coordination).
• Experience using common scanners and sources (e.g., Tenable, Crowdstrike Spotlight, container/cloud findings, SAST/DAST output).
• Strong analytical skills: ability to interpret technical findings and translate them into clear remediation actions.
• Excellent communication and stakeholder management across IT and security teams.

Preferred qualifications (ServiceNow / VR focus)

• Experience administering or power-using ServiceNow Vulnerability Response (VR) (creating vulnerability groups, assignment rules, SLAs, exceptions).
• Working knowledge of ServiceNow CMDB concepts (CI relationships, ownership, criticality) and how they affect prioritization.
• Experience integrating VR with scanners (e.g., Tenable/Qualys/Rapid7) and improving data quality and deduplication.
• Familiarity with ServiceNow reporting, Performance Analytics, or dashboarding for vulnerability KPIs.

Halvik offers a competitive full benefits package including:

Company-supported medical, dental, vision, life, STD, and LTD insurance

Benefits include 11 federal holidays and PTO

Eligible employees may receive performance-based incentives in recognition of individual and/or team achievements.

401(k) with company matching

Flexible Spending Accounts for commuter, medical, and dependent care expenses

Tuition Assistance

Charitable Contribution matching

Halvik Corp is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Halvik's pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.