Information Security Threat, Vulnerability & Risk Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

Versant Health · 8 hours ago

Information Security Threat, Vulnerability & Risk Analyst

positionTroy, NY
timeFull-time
remoteOnsite
seniorityMid Level
money$100K/yr - $110K/yr
date3+ years exp

Versant Health is one of the nation’s leading administrators of managed vision care, serving millions of our clients’ members nationwide. The Information Security Threat, Vulnerability, and Risk Analyst is responsible for ensuring the secure design and compliance of enterprise architecture, conducting vulnerability assessments, and providing remediation guidance to enhance the organization’s security posture.

EyewearHealth CareInsurance
check
H1B Sponsor Likelynote

Responsibilities

Conduct recurring vulnerability scans; Audit and track mitigation activities through to completion
Conduct both self-assessments and coordinate third party risk assessments of technology infrastructure and operational processes and controls for assigned areas
Conduct scheduled, targeted (in response to advisories and remediation verification), and ad-hoc IT compliance checks and vulnerability scans for the Versant Health global enterprise
Investigate and validate risk levels associated with vulnerabilities identified via vulnerability scanning tools (Qualys, Kenna, Armis, etc.)
Provide remediation guidance and recommendations; Coordinate with Development Operations, IT, and other teams as needed to provide oversight to the remediation and/or mitigation of enterprise vulnerabilities
Maintain and enhance the existing IT and vulnerability management infrastructure, including maintenance of scanning tools, licensing, procedures, reporting, and associated communications (downtimes, upgrades, report changes, etc.)
Identify security gaps within our enterprise systems that would not otherwise be detected by a scanning solution in target systems, networks, and applications to support the organization in improving existing security controls and mechanisms
Create processes and workflows for all aspects of IT compliance auditing and vulnerability management. Work with cross-functional teams to improve processes, workflows, and operational efficiencies
Utilize proven/reputable sources to maintain an awareness of prevailing and emerging vulnerabilities to proactively address vulnerabilities
Provide recurring and ad-hoc vulnerability reports upon request
Establish appropriate vulnerability management calendar, schedule engagements, and track activities to completion; Maintain documentation of scans and activities
Provide updates and track remediation of risks added to the Information Security Risk Register
Perform additional duties as assigned

Qualification

Information SecurityVulnerability ManagementRisk AssessmentVulnerability Scanning ToolsPatch ManagementSecurity Hardening PrinciplesCompliance MonitoringCompTIA Security+CompTIA Cybersecurity Analyst+Certified Cloud Security Professional

Required

Bachelor's Degree
3+ years of Information Security experience, particularly in Security Engineering and Security Operations required
Experience with cybersecurity vulnerability management and analysis and compliance monitoring required
Working understanding of the use of vulnerability detection/identification tools such as Qualys, Tenable, etc. required
Experience working as part of a patch management process and a familiarity with patching tools (i.e. SCCM, JAMF, KACE, etc.) required
Desktop, server, application, database, and network security hardening principles and practices for threat prevention required
Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools) required
Ability to understand information security and information technology risks associated with vulnerability testing, patch management, and secure configuration management required
Ability to analyze and prioritize vulnerabilities to appropriately characterize threats and provide remediation advice required
Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE) required

Preferred

Experience in IT controls monitoring for regulatory and compliance requirements like CIS, HITRUST, SOC 2, and/or NIST
CompTIA Security+, CompTIA Cybersecurity Analyst+, or Certified Cloud Security Professional (CCSP)

Benefits

Health and dental insurance
Tuition reimbursement
401(k) with company match
Pet insurance
No-cost-to-you vision insurance for you and your qualified dependents

Company

Versant Health

twittertwittertwitter
company-logo
Versant Health offers eye health and vision care plan for members, clients, brokers, and eye care professionals.
dateFounded in 2017
location
Linthicum Heights, Maryland, USA
people-size1001-5000 employees
web-link
https://versanthealth.com/

H1B Sponsorship

Versant Health has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3)
2024 (3)
2023 (2)
2022 (6)
2021 (2)
2020 (5)

Funding

Current Stage
Late Stage
Total Funding
unknown
2020-09-17Acquired

Leadership Team

leader-logo
Kia Lindsay
Chief People Officer
linkedin
leader-logo
Neelam Gor
Chief Clinical Officer
linkedin

Recent News

PR Newswire
DATA BREACH ALERT: Edelson Lechtzin LLP is Investigating Claims on Behalf of Superior Vision Service Customers Whose Data May Have Been Compromised
2025-10-03
Business Wire
Despite Majority of Americans Struggling with the Impact of Poor Eyesight and Eye Health on Daily Life, More than Half Are Delaying or Avoiding Eye Care
2025-07-01
PR Newswire
Versant Health Names Alan Hirschberg to Executive Leadership Team
2022-04-28
Company data provided by crunchbase