Vulnerability/Threat Management Analyst

The Vulnerability/Threat Management Analyst identifies and manages weaknesses and cyber threats in networks and software and then takes measures to correct and strengthen security within the system.

Role overview

Vulnerability/Threat Management Analysts are responsible for maintaining all vulnerability or threat management solutions, ensuring that all assets and systems are scanned for vulnerabilities regularly. They then need to bring any findings to the attention of the business while working within the cybersecurity department to prioritize and remediate threats.

Threat Management Analysts
may also be referred to as:
Cloud Security Threat Management Engineer
Cybersecurity Threat Engineer
Cybersecurity Threat Specialist
Cyber Threat Assessor
Cyber Threat Engineer
Cybersecurity Threat Analyst
Cybersecurity Vulnerability Analyst
Cybersecurity Vulnerability Assessor
Security Threat Coordinator
Threat And Vulnerability Engineer
Threat And Vulnerability Management Analyst
Threat And Vulnerability Management Intern
Threat And Vulnerability Manager
Vulnerability Analyst
Vulnerability Management Administrator
Vulnerability Management Analyst
Vulnerability Manager

Career Path

Map your career path by understanding role relationships

Average Salary

Based upon experience, salary for this role ranges from:
$123,300
National Average
$136,650
$150,000
* based upon those with two plus years of cybersecurity experience

Responsibilities

Operating the vulnerability scanning tool set, including Nexpose and Tenable.
Improving business-wide knowledge and understanding of emerging threats.
Reviewing and analyzing vulnerability data to identify trends and patterns.
Advising employees responsible for remediation on the best reduction and remediation practices.
Influencing the development of vulnerability management standards and security policies.
Operating vulnerability management processes, suggesting applicable change controls, and security exceptions.
Designing and implementing vulnerability reporting and monitoring solutions.
Maintaining and updating process guides and assisting with reporting to leadership and service stakeholders.
Assisting and supporting the manager in incident handling/investigations.
Performing risk-based technical assessments on technical vulnerabilities.

Tools & Environment

Vulnerability or Threat Management Analysts use various tools associated with vulnerability management, such as Qualys, Kenna, Microsoft Defender ATP, and ServiceNow. They also work with various public cloud infrastructures, scripting languages, and reporting tools.

Certifications

Category Organization Certification
Defense (ISC)2 CISSP-ISSEP
Defense (ISC)2 SSCP
Defense (ISC)2 CCSP
Defense (ISC)2 CAP
Defense Alibaba ACA
Defense Alibaba ACP
Defense Alibaba ACE
Defense AWS Certified Security
Defense CertNexus ITS
Defense Check Point CCSA
Defense Check Point CCSE
Defense Cisco CCNA Security
Defense Cisco CCNP Security
Defense Cisco CCIE Security
Defense Cisco CCNA CyberOps
Defense Cloud Credential Council PCSM
Defense CompTIA Security+
Defense CompTIA CySA+
Defense CompTIA CASP
Defense CREST CCWS
Defense CREST CPTIA
Defense CREST CRTIA
Defense CREST CCTIM
Defense CREST CPIA
Defense CREST CRIA
Defense CREST CCNIA
Defense CREST CCHIA
Defense CREST CCMRE
Defense CSA CCSK
Defense EC-Council CND
Defense EC-Council EDRP
Defense EC-Council CTIA
Defense EC-Council CSA
Defense EC-Council ECSS
Defense EITCI EITCA/IS
Defense eLearnSecurity eNDP
Defense eLearnSecurity eCRE
Defense eLearnSecurity eCTHP
Defense EXIN CIT-F
Defense Fortinet NSE 4
Defense Fortinet NSE 5
Defense Fortinet NSE 6
Defense Fortinet NSE 7
Defense Fortinet NSE 8
Defense GAQM CISP
Defense GIAC GSEC
Defense GIAC GCIA
Defense GIAC GISF
Defense GIAC GCED
Defense GIAC GCWN
Defense GIAC GPPA
Defense GIAC GMON
Defense GIAC GCCC
Defense GIAC GCUX
Defense GIAC GDAT
Defense GIAC GMOB
Defense GIAC GAWN
Defense GIAC GREM
Defense GIAC GCTI
Defense GIAC GISP
Defense GIAC GWEB
Defense GIAC GICSP
Defense GIAC GRID
Defense GIAC GCIP
Defense GIAC GEVA
Defense GIAC GOSI
Defense GIAC GCSA
Defense Google PCSE
Defense HISPI HISP
Defense IACRB CDRP
Defense IACRB CEREA
Defense IACRB CREA
Defense IACRB CSSA
Defense IBITGQ C CR P
Defense IBITGQ CITGP
Defense IBITGQ C CS F
Defense ISACA CSX-F
Defense ISACA CSX-T
Defense ISACA CSX-P
Defense ISECOM OPSA
Defense ISECOM OPSE
Defense Juniper JNCIA-SEC
Defense Juniper JNCIS-SEC
Defense Juniper JNCIP-SEC
Defense Juniper JNCIE-SEC
Defense Juniper JNCDS-SEC
Defense Lunarline CECS
Defense Lunarline CESA
Defense McAfee Institute CCII
Defense McAfee Institute CCIP
Defense McAfee Institute CSMIE
Defense McAfee Institute SMIA
Defense McAfee Institute CCTA
Defense McAfee Institute C|OSINT
Defense Microsoft AZ-500
Defense Mile2 C)SA2
Defense Mile2 C)SP
Defense Mile2 IS20
Defense Mile2 C)VA
Defense Mile2 C)DRE
Defense Mile2 C)VCP
Defense Mile2 C)VE
Defense Mile2 C)CSO
Defense Mile2 C)VSE
Defense Mile2 C)ISS
Defense Palo Alto PCCSA
Defense Palo Alto PCNSA
Defense Palo Alto PCNSE
Defense Redhat EX415
Defense Redhat EX425
Defense SECO-Institute S-ISF
Defense SECO-Institute S-ISP
Defense SECO-Institute S-ITSF
Defense SECO-Institute S-ITSP
Defense SECO-Institute S-ITSE
Defense SECO-Institute S-DWF
Defense Symantec 250-215
Defense Symantec 250-420
Defense Symantec 250-426
Defense Symantec 250-428
Defense Symantec 250-430
Defense Symantec 250-433
Defense Symantec 250-438
Defense Symantec 250-440
Defense Symantec 250-441
Defense Symantec 251/250-443
Defense Symantec 250-444
Defense Symantec 250-445
Defense Symantec 251/250-446
Defense Symantec 251/250-447
Defense Symantec 251/250-551
Defense Symantec 250-556
Organization

[cyber_job_role_count] Vulnerability/Threat Management Analyst jobs

Resources

Videos

Watch our latest videos, talks an recorded events
Watch

White Papers

Download our whitepapers and printed resources
Learn

Free Courses

Browse our training courses and educational resources
See All

Podcasts

Listen to our podcast features and recorded roundtables
Listen

Get our latest insights. Subscribe to our newsletter.