Vulnerability Governance and Reporting Analyst

JOB TITLE: Vulnerability Governance and Reporting Analyst JOB LOCATION: Hybrid Springfield, Boston or NY WAGE RANGE : 58 - 62/ W2 JOB NUMBER: JOB DESCRIPTION The Vulnerability Governance & Reporting Analyst is responsible for strengthening enterprise governance to reduce the backlog of vulnerabilities and misconfigurations while enabling scalable, data-driven capabilities that support AI readiness across the organization. This role serves as a critical bridge between vulnerability management operations, governance, and emerging AI initiatives. The position focuses on establishing robust governance frameworks, improving data quality, and driving accountability across remediation processes to ensure vulnerabilities and configuration gaps are addressed in a timely and risk-informed manner. The role also ensures that vulnerability and configuration data is structured, normalized, and actionable, forming a reliable foundation for AI-driven insights, automation, and advanced analytics. This individual partners closely with Cybersecurity, Infrastructure, Cloud, and Data teams to optimize workflows, enforce SLA adherence, and enhance reporting transparency. The role is instrumental in transitioning the VMCA program from reactive backlog management to a proactive, intelligence-driven, and AI-enabled capability. Skills: Technical Skills Vulnerability & Configuration Platforms: Strong experience with Qualys, Wiz, and similar platforms, including data validation and workflow integration Governance & Risk Management: Deep understanding of vulnerability lifecycle governance, SLA management, and risk acceptance processes Data & AI Enablement: Experience preparing and structuring datasets for analytics and AI use cases. Familiarity with data normalization, enrichment, and aggregation across security tools Automation & Integration: Proficiency with automation (e.g., PowerShell, Python) and integration with platforms such as ServiceNow, JupiterOne, CMDB, and data pipelines Analytics & Reporting: Experience building dashboards and executive reporting (e.g., Tableau) focused on risk reduction, backlog trends, and SLA performance Core Strengths Governance Leadership: Ability to establish and enforce structured governance models that drive accountability and measurable outcomes Strategic Thinking & AI Alignment: Forward-looking mindset focused on enabling AI-driven capabilities through strong data and process foundations Operational Execution & Backlog Reduction: Proven ability to reduce large-scale vulnerability backlogs through prioritization, process improvement, and stakeholder alignment Data-Driven Decision Making: Strong analytical mindset with the ability to translate complex data into actionable insights and measurable outcomes Executive Communication: Ability to communicate risk, progress, and strategy in a clear, concise, and leadership-ready format Cross-Functional Influence: Skilled at driving alignment across teams with competing priorities to achieve enterprise risk reduction goals Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions. Benefits offered are in accordance with applicable federal, state, and local laws and subject to change at TCM's discretion.