Vulnerability Analyst

Job Description

Description

Job Summary:

As the Vulnerability Management Analyst under the Global Fusion Center US, you will be responsible for uncovering and mitigating the evolving cyber threats through rigorous testing and vulnerability management methodologies. Your role will be key in the development, installation, configuration, and continuous improvement of the global vulnerability management service.

Essential Job Functions:

• Identify and report vulnerabilities on cloud infrastructure, workstations, data center systems, network equipment, and applications
• Support the vulnerability management program to ensure coverage and accuracy of the various vulnerability scanning and reporting tools throughout the infrastructure and applications
• Assist in enhancing procedures by automating daily activities, integrating vulnerability management solutions, and applying best practices
• Assist in prioritizing remediation and mitigation activities using risk criteria such as CVSS, exposure, and asset criticality
• Perform enterprise-wide scheduled and ad-hoc vulnerability assessments, including network, agent, and authenticated scans
• Assist in the development of vulnerability reports/metrics to stakeholders
• Assist in the development of vulnerability management procedures

Other Functions:

• Comply with proper internal controls as necessary to conduct job functions and/or carry out responsibilities and/or administrative activities at the Company
• Perform special projects and other duties as may be assigned
• Establish and build strong working relations and partnerships with other teams, Group Companies, and senior management

Qualifications:

• 3-5 years experience in vulnerability management or other operational security function
• Bachelor’s degree in computer science, cybersecurity, or a related field preferred
• Relevant cyber defense / vulnerability management certifications such as Security+, CySA+ are preferred
• Expertise in Vulnerability Tool configuration, deployment, engineering, and defining policies and procedures
• Sound knowledge of common infrastructure and web application vulnerability categorizations such as CVE, CVSS, CWE
• Knowledge of cybersecurity frameworks and standards (NIST, MITRE ATT&CK etc.)
• Understanding of networks, operating systems, and architecture and how they affect the security posture of a company
• Strong analytical and problem-solving skills
• Excellent communication, writing, and collaboration abilities

Salary range $120,000 to $140,000. Ultimate salary offered will be based on factors such as applicant experience and geographic location. Our company offers a competitive benefits package and bonus eligibility on top of base