Job Description

The Senior Threat and Vulnerability Analyst provides advanced, hands-on representation of the cybersecurity defense team. In this technical role, you must possess a solid understanding of information security and should have held positions in cybersecurity and systems administration. You'll also require an understanding of business and governance processes.  You will also accept primary responsibility for the overall management lifecycle of the program.

In this role, you should understand that legacy and present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. Given that vulnerability management and risk exposure extend across all technical systems enterprise-wide, your responsibilities will include identifying assets and vulnerabilities, reporting, remediation and continuous assessment. You will also collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.

You will oversee the strategic initiatives for short- as well as long-term plans to identify and reduce the attack surface across applications and systems. Use of automated tools to identify, assess and report is expected, with emphasis placed on effective communication to constituents relying on applications and systems that support their business.

A Day in the Life:

  • Work as a team to consistently learn and share advanced skills and foster team excellence.

  • Manage vulnerabilities across applications, endpoints, databases, networking devices, and mobile, cloud and third-party assets.

  • Conduct continuous discovery and vulnerability assessment of enterprise-wide assets.

  • Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation.

  • Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.

  • Procure and maintain tools and scripts used in asset discovery and vulnerability status.

  • Leverage vulnerability database sources to understand each weakness, its probability and remediation options, including vendor-supplied fixes and workarounds.  

  • Support internal and external auditors in their duties that focus on compliance and risk reduction.

  • Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.

  • Regularly research and learn new TTPs in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary.

  • Maintain an active database comprising third-party assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business.

  • Arrange and provide support to business units launching new technology applications and services to verify that new products/offerings are not at risk of misconfiguration, compromise or information leakage.

  • Periodically attend and participate in change management policy discussions and meetings.

  • Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with vulnerability management.

  • Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate controls effectiveness.

  • Liaise with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.

  • Perform other duties as assigned.

To succeed in this role, you'll need:

  • Bachelor’s degree in Information Security, Information Systems, Computer Science, or equivalent work experience.

  • At least 5-7+ years of experience in information security administration, vulnerability management or security operations.

  • Proficient with vulnerability management solutions such as Qualys, Nexpose, Nessus, Kenna Security, Tanium and open source.

  • Experience stabilizing systems to run minimal application requirements, least privilege and additional host hardening.

  • Understanding of Windows and *nix operating systems, endpoint applications, networking protocols and devices.

  • Preferably some experience with vulnerability management across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP). 

  • Experience conducting organization-wide vulnerability scanning and remediation processes.

  • Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface.

  • Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or International Standards Organization (ISO).

  • Capable of scripting in Python, Bash, Perl or PowerShell.

  • Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle.

Certification Preferences:

  • Preferably, one or more of the following: GCED, GCCC, GPEN, GCIH, CISSP or CRISC.

We'd love for you to have working knowledge of:

  • System administration

  • Network security concepts

  • Information security policy

  • On-call network troubleshooting

  • Patch Management

  • Network protocols

  • Intrusion Detection and Prevention systems (IDS/IPS)

  • Data Loss Prevention (DLP)

  • Vulnerability scanners

  • Threat management and response

  • Virtual Private Networks (VPN)

  • Multi-Factor Authentication (MFA)

  • Endpoint Detection and Response (EDR)

  • Mobile Device Management (MDM)

  • Identity Access Management and Privileged Access Management (IAM and PAM)

  • Role and attribute-based access controls (RBAC and ABAC)

  • TLS and certificate management

  • Log analysis

  • URL filtering

  • Foundational routing, switching, segmentation

  • Security Information and Event Monitoring Tools (SIEM)

  • Wireless technology and security

Competencies:

To perform the job successfully, you should be able to demonstrate the following competencies:

  • Problem Solving - Identifies and resolves problems in a timely manner; Gathers and analyzes information skillfully; Develops alternative solutions.

  • Technical Skills - Pursues training and development opportunities; Strives to continuously build knowledge and skills; Shares expertise with others. 

  • Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness.

  • Organizational Support - Follows policies and procedures; Completes administrative tasks correctly and on time; Supports organization's goals and values; Benefits organization through outside activities; Supports affirmative action and respects diversity.

  • Quality - Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality.

  • Adaptability - Changes the approach or method to best fit the situation.

Work Environment:

The work environment characteristics described here may be encountered while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Moderate noise (i.e., business office with computers, phone, and printers, light traffic).

  • Ability to work in a confined area.

  • Ability to sit at a computer terminal for an extended period. Occasional stooping or kneeling may be necessary.

  • While performing the duties of this job, the employee is regularly required to stand, sit, talk, hear and use hands and fingers to operate a computer keyboard and telephone.

  • Specific vision abilities are required by this job due to computer work.

  • Light to moderate lifting is required.

  • Occasional travel is required.
