Vulnerability Management Analyst

Vulnerability Management Analyst / Contract / Remote

Location: California, CA

100% Remote

Contract

$65/hr - $67.24/hr

Leader in their industry, our exciting global SaaS construction platform client seeks a contract Vulnerability Management Analyst. This is a fully remote role. Must be currently living in the USA.

The FedRAMP Vulnerability Management Analyst is a contract role focused on reviewing vulnerability deviation requests and working directly with engineering and development teams to ensure timely remediation or formal approval of exceptions within a FedRAMP authorized SaaS environment. The analyst keeps the exception workflow moving by validating requests, guiding teams on compensating controls, and updating program artifacts while maturing policies and procedures that support continuous compliance.

Contract Duration: 6-Months

Required Skills & Experience

• At least three years in vulnerability or risk management.
• Experience with container and cloud environments such as EKS, ECS, or Kubernetes is beneficial.

Desired Skills & Experience

• Prior coordination with software engineering or DevOps teams on vulnerability remediation is strongly preferred.

What You Will Be Doing
Daily Responsibilities

• Receive and evaluate deviation and risk acceptance requests; confirm CVSS scores, affected assets, and proposed compensating controls.
• Meet with engineers and developers to understand technical constraints, agree on remediation timelines, and document alternative solutions that satisfy FedRAMP Moderate or High requirements.
• Draft or refine risk acceptance forms and POA&M entries; shepherd each request through security, compliance, and Authorizing Official approval.
• Maintain an up to date exception register with owners, due dates, and re validation checkpoints; remind stakeholders as deadlines approach.
• Update vulnerability management runbooks, service level agreements, and playbooks to reflect the approved deviation handling process and any new tooling integrations.
• Help integrate scanners or ticketing systems such as Prisma Cloud, Tenable, Qualys, and Jira so deviation status is captured and tracked automatically.
• Advise engineering teams on FedRAMP control requirements, acceptable compensating controls, and best practices for patching or mitigating findings.
• Support audits by supplying requested evidence and context prepared by the compliance team.

You will receive the following benefits:

• Medical Insurance - Four medical plans to choose from for you and your family
• Dental & Orthodontia Benefits
• Vision Benefits
• Health Savings Account (HSA)
• Health and Dependent Care Flexible Spending Accounts
• Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance
• Hospital Indemnity Insurance
• 401(k) including match with pre and post-tax options
• Paid Sick Time Leave
• Legal and Identity Protection Plans
• Pre-tax Commuter Benefit
• 529 College Saver Plan

Motion Recruitment Partners (MRP) is an Equal Opportunity Employer. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under MRP’s Employment Accommodation policy. Applicants need to make their needs known in advance.