Security Vulnerability Analyst

About Strideinc

Stride is seeking a Security Vulnerability Analyst professional to drive the technical execution and maturity of our vulnerability management function within the Security Operations team. This is a hands-on technical role, focused on overseeing vulnerability scanning, technical assessments, and remediation tracking across Stride’s AWS, Azure, and SaaS environments. The role collaborates closely with Engineering, AppSec, DevOps, and Infrastructure teams to ensure effective risk reduction through secure practices and data-driven remediation.

Job Summary

As a Security Vulnerability Analyst, you will lead and assist vulnerability management operations across all cloud (AWS/Azure) and SaaS environments.

Key Responsibilities

• Own the configuration, tuning, and operational use of vulnerability management tooling (Tenable One or equivalent).
• Prioritize vulnerabilities using threat-based models (EPSS, CVSS, CISA KEVs).
• Serve as the primary liaison to Engineering, Infrastructure, and AppSec teams to coordinate remediation plans and validate fixes.
• Track and report remediation SLAs, exceptions, and risk acceptance items.
• Provide vulnerability metrics and trends for leadership, compliance, and audit purposes (SOX, FRAPRA).
• Participate in incident response activities related to active exploitation or critical vulnerabilities.
• Develop SOPs, playbooks, and dashboards for vulnerability tracking and reporting.
• Document all vulnerability management policies, procedures, and standards and keep them updated.
• Correlate vulnerability findings with threat intelligence feeds to assess real-world risk.
• Track emerging vulnerabilities (zero-day threats, CVEs) and evaluate their potential impact on the organization.
• Develop and maintain asset inventory and vulnerability baselines.
• Assist with vulnerability remediation verification and rescanning activities.
• Assist with Yearly external Pentest with Vendors.

Requirements

• Three (3) years of experience in security operations or vulnerability management.
• Hands-on experience with Tenable, Qualys, or similar vulnerability platforms in cloud-native environments.
• Deep knowledge of cloud security principles, particularly around AWS and Azure services.
• Familiarity with regulatory frameworks (NIST CSF, SOX, FRAPRA).
• Strong interpersonal and communication skills, with experience leading cross-functional remediation efforts.
• Ability to present risk findings to both technical and executive stakeholders.
• Ability to clear required background check.

Preferred Qualifications

• None required.

Benefits & Perks

• Work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.