
Newrez · 8 hours ago

Vulnerability Management Analyst

Newrez is committed to exceeding the expectations of residential mortgage borrowers and business partners through superior service. The Vulnerability Management Analyst is responsible for discovering, analyzing, prioritizing, and tracking the remediation of vulnerabilities across various platforms, ensuring compliance with policies and improving overall security posture.

Finance, Financial Services
H1B Sponsor Likely

Responsibilities

Execute authenticated and agent-based scans using Qualys (VMDR, WAS/TotalAppSec) for on-premises, cloud assets, containers, and web applications
Manage Suridata for SaaS security posture and asset discovery
Assist with Veracode application security scanning and reporting
Maintain scan schedules, credentials, and agent health; expand coverage to new assets and services
Coordinate with platform owners to enable safe scanning and validate rescans
Review and triage scan results, reducing false positives and noise
Apply risk-based frameworks (CVSS v3.1, CISA KEV, EPSS, asset criticality) to prioritize remediation
Provide clear remediation guidance and document knowledgebase notes
Create and route remediation tickets via ITSM platforms (e.g., ServiceNow, Jira)
Track SLA attainment and escalate issues as needed
Partner with infrastructure, desktop, cloud, and application teams to resolve blockers
Validate fixes through rescans and close tickets with evidence
Improve asset-to-owner mapping and tag critical systems
Support automation for ticket creation, routing, and exception reviews
Maintain operational runbooks and playbooks
Build and publish dashboards on coverage, SLA performance, exception inventory, and risk reduction
Provide evidence for internal/external audits and customer security reviews
Process exception requests per policy, ensuring compensating controls and tracking expiry/review dates
Monitor and drive timely renewal or closure of exceptions
Assist with rapid assessment, scoping, communication, and mitigation during critical events
Participate in after-hours rotations as needed
Perform related duties as assigned by management

Qualification

Vulnerability Management, Qualys VMDR, Risk Analysis Frameworks, Windows/Linux Patching, Cloud Platforms (Azure/AWS), Scripting (PowerShell/Python), Process Discipline, ITSM/CMDB Integrations, Communication Skills

Required

Bachelor's degree in Information Security, Information Systems, Computer Science, or equivalent practical experience
2-4 years in Information Security or Systems Engineering, including 2+ years directly operating a vulnerability management program or toolset in a multi-platform environment
Exposure to Windows/Linux patching, cloud platforms (Azure/AWS), container registries, and network devices; understanding of change management and maintenance windows
Technical depth in vulnerability scanning, agent management, and authenticated scans across Windows/Linux, cloud workloads, and containers
Ability to apply risk analysis frameworks and understand exploitability and business impact
Scripting experience (PowerShell and/or Python) and comfort with Excel/Power BI or SQL for reporting
Familiarity with ITSM/CMDB integrations
Strong communication skills for translating technical findings into actionable tickets and summaries
Process discipline for maintaining documentation and audit evidence
All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Okta Verify and Microsoft Authenticator

Preferred

Familiarity with NIST CSF/ISO 27001; experience supporting audits and customer security requests preferred
Preferred Certifications: Security+, CySA+, GSEC, AZ-500, Qualys VMDR Specialist, or similar

Benefits

Medical, dental, and vision insurance
Health Savings Account with employer contribution
401(k) Retirement plan with employer match
Paid Maternity Leave/Parental Bonding Leave
Pet insurance
Adoption Assistance
Tuition reimbursement
Employee Loan Program
The Newrez Employee Emergency and Disaster Fund is a new program to support our team members
1 Volunteer Time Off (VTO) day, company-paid volunteer day where all eligible employees may participate in a volunteer event with a nonprofit of their choice
Employee Matching Gifts Program: We will match monetary employee donations to eligible non-profit organizations, dollar-for-dollar, up to $1,000 per employee
Newrez Grants Program: Newrez hosts a giving portal where we provide employees an abundance of resources to search for an opportunity to donate their time or monetary contributions

Company

Newrez is your mortgage partner for all stages of your homeownership journey. We offer hundreds of mortgage products to match your needs.

H1B Sponsorship

Newrez has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (31)
2024 (12)
2023 (41)
2022 (3)
2021 (2)
2020 (6)

Funding

Current Stage: Late Stage

Leadership Team

Joshua Bishop, Chief Operating Officer, Servicing
Bruce Williams, Vice Chairman
Company data provided by crunchbase