Vulnerability Governance & Reporting Analyst

Date Posted: 06/04/2026

Hiring Organization: Rose International

Position Number: 502349

Industry: Insurance

Job Title: Vulnerability Governance & Reporting Analyst

Job Location: Springfield, MA, USA, 01111

Work Model: Hybrid

Work Model Details: 2-3 days onsite in a week

Shift: M to F, 8 to 5

Employment Type: Temporary

FT/PT: Full-Time

Estimated Duration (In months): 8

Min Hourly Rate($): 60.00

Max Hourly Rate($): 62.00

Must Have Skills/Attributes: PowerShell, Python, ServiceNow, Tableau

Experience Desired: Strong experience with vulnerability management platforms such as Qualys, Wiz (5 yrs); Experience with vulnerability lifecycle governance and remediation management (5 yrs); Experience integrating security data with ServiceNow, JupiterOne, CMDB (5 yrs); Knowledge of risk acceptance processes and vulnerability governance frameworks (3 yrs)

Required Minimum Education: Bachelor’s Degree

**C2C is not available**

Job Description

Required Education

• Bachelor's degree
  
  

Required Qualifications / Skills / Experience

• Strong experience with vulnerability management platforms such as Qualys, Wiz, or similar tools
• Experience with vulnerability lifecycle governance and remediation management
• Experience managing and enforcing SLA adherence for vulnerability remediation programs
• Knowledge of risk acceptance processes and vulnerability governance frameworks
• Experience validating, normalizing, enriching, and aggregating security data across multiple platforms
• Experience building executive reporting and dashboards focused on risk reduction, backlog trends, and SLA performance
• Strong analytical and data-driven decision-making skills
• Experience with automation tools and scripting languages such as PowerShell and Python
• Experience integrating security data with ServiceNow, JupiterOne, CMDB, and enterprise data pipelines
• Experience working with cross-functional teams including Cybersecurity, Infrastructure, Cloud, and Data organizations
• Strong written and verbal communication skills
• Experience driving operational improvements and reducing vulnerability backlogs
  
  

Preferred Qualifications / Skills / Experience

• Experience preparing and structuring datasets for analytics and AI use cases
• Experience using Tableau or similar reporting and visualization platforms
• Experience supporting enterprise governance, risk, and compliance initiatives
• Experience working within cloud and hybrid enterprise environments
• Knowledge of AI-enabled security operations and advanced analytics capabilities
  
  

Vulnerability Governance & Reporting Analyst Overview

• The Vulnerability Governance & Reporting Analyst plays a key role in strengthening enterprise governance processes designed to reduce vulnerability and configuration-related risk across the organization
• This position focuses on improving vulnerability lifecycle governance, remediation accountability, reporting transparency, and operational effectiveness
• The analyst serves as a bridge between vulnerability management operations, governance teams, cybersecurity stakeholders, and emerging AI initiatives
• Responsibilities include improving data quality, reducing remediation backlogs, enforcing SLA compliance, and ensuring vulnerability and configuration data is structured for advanced analytics and AI-driven capabilities
• The role supports enterprise efforts to transition from reactive vulnerability management practices to proactive, intelligence-driven, and scalable security operations
• Success in this position requires strong governance leadership, operational execution, data analytics expertise, executive communication skills, and the ability to influence cross-functional stakeholders
• The analyst will collaborate closely with Cybersecurity, Infrastructure, Cloud, Data, and Engineering teams to drive remediation efforts, improve reporting accuracy, and strengthen the organization's overall security posture
• This position is highly focused on governance, reporting, data quality, risk reduction, and continuous improvement initiatives that enable long-term operational maturity and AI readiness
  
  

Job Duties

• Establish and support vulnerability governance frameworks and remediation accountability processes
• Monitor and manage vulnerability remediation SLAs and risk acceptance workflows
• Analyze vulnerability and configuration data to identify trends, gaps, and remediation opportunities
• Improve data quality through normalization, enrichment, validation, and aggregation activities
• Prepare and structure security datasets to support analytics and AI-driven use cases
• Develop executive dashboards and reporting focused on risk reduction, backlog trends, remediation progress, and SLA performance
• Partner with Cybersecurity, Infrastructure, Cloud, and Data teams to improve vulnerability management processes
• Drive reduction of vulnerability and configuration backlogs through prioritization and stakeholder engagement
• Support integration of vulnerability data into ServiceNow, JupiterOne, CMDB, reporting platforms, and enterprise data pipelines
• Provide leadership-ready reporting and actionable insights to support risk-informed decision making
• Promote operational improvements and governance best practices across the enterprise
• Support AI-readiness initiatives by ensuring security data is structured, actionable, and scalable
  
  

Specific Details to Call Attention To

• Strong hands-on experience with Qualys, Wiz, or similar vulnerability management platforms is required
• Must have experience managing vulnerability lifecycle governance, remediation workflows, and SLA adherence
• Experience reducing large-scale vulnerability backlogs through governance and operational improvements is highly preferred
• Candidates should have strong reporting, dashboard development, and executive communication experience
• Strong cross-functional collaboration skills are required to drive remediation and governance activities across multiple teams
• **Only those lawfully authorized to work in the designated country associated with the position will be considered.**
• **Please note that all Position start dates and duration are estimates and may be reduced or lengthened based upon a client’s business needs and requirements.**
  
  

Benefits

For information and details on employment benefits offered with this position, please visit here. Should you have any questions/concerns, please contact our HR Department via our secure website.

California Pay Equity

For information and details on pay equity laws in California, please visit the State of California Department of Industrial Relations' website here.

Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender (expression or identity), national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.

If you need assistance in completing this application, or during any phase of the application, interview, hiring, or employment process, whether due to a disability or otherwise, please contact our HR Department.

Rose International has an official agreement (ID #132522), effective June 30, 2008, with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify). (Posting required by OCGA 13/10-91.).