| Location: | Arlington, VA, USA | Pay Rate: | $110000 - $125000 per year |
| Pay Type: | per year | Employment Type: | Full Time |
Halvik Corp delivers a wide range of services to 13 executive agencies and 15 independent agencies. Halvik is a highly successful WOB business with more than 50 prime contracts and 500+ professionals delivering Digital Services, Advanced Analytics, Artificial Intelligence/Machine Learning, Cyber Security and Cutting-Edge Technology across the US Government. Be a part of something special!
We're seeking a Vulnerability Assessment Analyst to help identify, triage, and drive remediation of security vulnerabilities across infrastructure, endpoints, cloud, and applications. The ideal candidate brings strong vulnerability management fundamentals and a preferred skillset in ServiceNow and ServiceNow Vulnerability Response (VR) to operationalize intake, prioritization, exception handling, and reporting.
Key responsibilities
- Own day-to-day vulnerability intake, analysis, and triage from scanning and security tools; validate findings and reduce false positives.
- Perform risk-based prioritization (asset criticality, exploitability, exposure, compensating controls) and define remediation SLAs with stakeholders.
- Create and manage vulnerability remediation work in ServiceNow Vulnerability Response (VR) (e.g., groups, assignments, tasks, exceptions).
- Partner with infrastructure, cloud, and application teams to drive remediation to closure, including patching, configuration changes, or compensating controls.
- Support vulnerability operations such as retests/verification, aging management, backlog reduction, and remediation quality checks.
- Develop and maintain dashboards and metrics (open/overdue trends, MTTR, SLA compliance, recurrence) in ServiceNow and/or BI tools.
- Assist with policy and process (remediation SLAs, exception/risk acceptance workflow, evidence collection for audits).
- Contribute to continuous improvement: tuning scanner policies, workflow automation, CMDB alignment, and data quality controls.
Required qualifications
- 2+ years in vulnerability management, security operations, or related cyber role.
- This role is 100% on-site in Arlington, VA.
- Hands-on experience with vulnerability concepts and standards (e.g., CVSS, remediation validation, patch management coordination).
- Experience using common scanners and sources (e.g., Tenable, Crowdstrike Spotlight, container/cloud findings, SAST/DAST output).
- Strong analytical skills: ability to interpret technical findings and translate them into clear remediation actions.
- Excellent communication and stakeholder management across IT and security teams.
Preferred qualifications (ServiceNow / VR focus)
- Experience administering or power-using ServiceNow Vulnerability Response (VR) (creating vulnerability groups, assignment rules, SLAs, exceptions).
- Working knowledge of ServiceNow CMDB concepts (CI relationships, ownership, criticality) and how they affect prioritization.
- Experience integrating VR with scanners (e.g., Tenable/Qualys/Rapid7) and improving data quality and deduplication.
- Familiarity with ServiceNow reporting, Performance Analytics, or dashboarding for vulnerability KPIs.
-
Apply Now
