Vulnerability Analyst

**Due to certain contracts and nature of the work, US Citizenship is required."

We are seeking a motivated and detail-oriented Junior to Mid-Level Vulnerability Management (VM) Analyst to join our cybersecurity team. This fully remote role is ideal for someone early in their cybersecurity career or looking to grow into a mid-level position with a solid foundation in network and web application security concepts. You will primarily support the waiver research and approval process, analyze vulnerabilities, and work with tools like Invicti (web application scanning) and Tenable SecurityCenter (SC).

Review and assess waiver requests for security vulnerabilities, ensuring proper documentation and justification.
• Use Invicti to scan and evaluate web applications for vulnerabilities such as XSS, SQL injection, and misconfigurations.
• Leverage Tenable SC to identify and assess vulnerabilities across network and infrastructure assets.
• Collaborate with application and system owners to gather technical information, remediation timelines, or risk mitigation plans.
• Document and track waiver decisions, expirations, and compliance requirements.
• Stay current on vulnerability trends, common exploits, and industry best practices.
• Support the broader vulnerability management lifecycle, including reporting and follow-up.

• 1-3 years of experience in cybersecurity, IT security, or a related technical role (internships, labs, or academic projects welcome).
• The OSI model and data flow across network layers
• HTTPS and secure web communication
• Core networking concepts, including IP addressing, DNS resolution, ports, TCP/IP, and firewalls.
• Familiarity with vulnerability scanning tools such as Invicti, Tenable, or similar.
• Basic understanding of CVEs, CVSS scoring, and how vulnerabilities are classified.
• Strong analytical and problem-solving skills.
• Detail-oriented with strong documentation and organizational habits.
• Effective communication skills in a fully remote work environment.
• Eagerness to learn and grow in the cybersecurity field.
• Awareness of Binding Operational Directives (BODs) and their role in cybersecurity compliance (e.g., BOD 22-01, BOD 23-02)

Preferred Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
• Entry-level security certifications (e.g., CompTIA Security+ or similar).
• Awareness of common web application vulnerabilities (e.g., OWASP Top 10).
• Experience using ticketing/workflow systems, especially ServiceNow.
• Familiarity with the vulnerability management lifecycle and concepts like remediation, exception handling, and risk acceptance.
• Exposure to secure coding principles and basic scripting (e.g., Python, Bash) is a plus.
• Awareness of and ability to support compliance with security and privacy frameworks such as:
  • NIST 800-53 or NIST Cybersecurity Framework (CSF)
  • FISMA (Federal Information Security Management Act)
  • HIPAA (Health Insurance Portability and Accountability Act)
• Familiarity with applying BOD requirements to vulnerability remediation and compliance workflows

Salary - $70K - $90K DOE

Additional benefits include:

• Paid Time Off & Holiday Pay
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Disability, Life Insurance, and AD&D
• Flexible Spending Accounts
• Pre-Tax 401K and/or After-Tax Roth IRA (with employer matching contribution)
• Tuition and Technical Training Reimbursement
• Exercise Reimbursement
• Computer Reimbursement
• Employee Assistance Program

About Us:

Edgewater Federal Solutions is a privately held government contracting firm located near Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services, and timely delivery. Edgewater is ISO 9001, 20000-1, 27001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018-2024.

It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other status protected by applicable law.