Cybersecurity Analyst – Vulnerability Management

Job Description
On behalf of our Healthcare client, Affinity Healthcare Solutions is seeking a Cybersecurity Analyst – Vulnerability Management to be responsible for identifying, analyzing, and tracking vulnerabilities through to remediation, ensuring accurate risk prioritization and consistent execution across technical teams. The Analyst will work closely with infrastructure, cloud, and application teams to validate findings, support remediation efforts, and maintain visibility into organizational risk exposure.
Responsibilities
Vulnerability Management

• Execute vulnerability scans across enterprise environments using platforms such as Tenable One.
• Review and validate scan results, including identification of false positives and assessment of exploitability.
• Apply risk-based prioritization using CVSS, exposure, asset criticality, and threat context.
• Track vulnerabilities through remediation using ticketing systems and verify closure through re-scanning or evidence review.
• Maintain and tune scan configurations, policies, and schedules to ensure accurate and consistent coverage.

Asset Visibility & Data Quality

• Maintain accurate asset inventory and tagging to support vulnerability identification and prioritization.
• Identify unknown, unmanaged, or misclassified assets and escalate for resolution.

Reporting & Operations

• Produce operational reporting for technical teams and summary reporting for management.
• Perform routine health checks on scanning infrastructure (agents, scanners) and escalate issues as required.
• Support consistent documentation of findings, remediation status, and risk posture.

Qualifications
Required Experience

• 4+ years of experience in vulnerability management, security operations, or infrastructure security.
• Hands-on experience with vulnerability management tools (e.g., Tenable, Rapid7, Qualys).
• Experience working with CVEs, CVSS scoring, and vulnerability data for prioritization and tracking.
• Familiarity with common vulnerability types (e.g., missing patches, insecure configurations, exposed services).
• Working knowledge of networking fundamentals (TCP/IP, ports) and Windows/Linux environments.
• Experience using ticketing systems to track remediation activities.
• Strong communication skills with the ability to explain technical issues to varied audiences.

Core Competencies

• Analytical and detail-oriented approach
• Structured execution and follow-through
• Clear technical communication
• Ability to work independently and manage workload
• Sound judgment with appropriate escalation of complex issues

Nice-to-Have

• Experience in cloud environments (e.g., Azure, AWS)
• Familiarity with vulnerability prioritization frameworks (e.g., KEV, threat intelligence feeds)
• Experience in healthcare or regulated environments

Affinity Earn
Know someone who’s great for this, or any of our open roles? Earn up to $4,000/year for each successful referral through Affinity Earn. You can also earn up to $50,000 for helping us find new clients. Learn about our referral program at https://affinity-group.ca/earn/ or browse our jobs & follow us at https://www.linkedin.com/company/affinity-staffing/jobs/
About Affinity
Affinity Group is a technology and business consulting and services company. We believe in creating long term relationships between clients and consultants that foster a mutually beneficial partnership. Affinity is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of qualifications, merit and business need.
For more information on Affinity, please visit www.affinity-group.ca
Job Number: 13293