Infrastructure Vulnerability Analyst II job vacancy

Vacancy expired!

Title: Infrastructure Vulnerability Analyst II (Reporting Analyst)Location: Whitehouse Station, NJDuration: 6 months contract to hire position The global Infrastructure Operations team(our team) is responsible for coordinating and managing vulnerability findings in assets in the organization. The client operates a global infrastructure team supporting local business units across five regions (Asia Pacific, North America, Latin America, Japan, and Europe including the Middle East and Africa). The infrastructure vulnerability management strategy is developed with input from the information security team for each of these regions and translated into programs that are then executed by the regions using resources from each region.

The Infrastructure Vulnerability Analyst will leverage analytic and technical skills to Client cyber risks; prioritize assets, assess risks and remediation/mitigation techniques; report on risks, and drive and track remediation/mitigation/acceptance of risk to improve security posture in the assets in North America. The qualified candidate will assess vulnerabilities, then collaborate with IT and business teams to ensure prompt and effective distribution of findings and that risk and incidents are addressed in the most effective and efficient manner possible.

We are looking for individuals who have experience performing vulnerability assessment and remediation activities and support the security team as part of the vulnerability management program. The position includes performing vulnerability analysis, review and validate vulnerability findings within the defined application including; O/S vulnerability analysis, written and verbal articulation of remediation recommendations, prioritizing remediation activities with application teams, and follow-up.

Duties & Responsibilities:• Assess new vulnerabilities, investigate solutions and compensating controls on information systems and infrastructure• Review and validate vulnerability findings• Prioritizing remediation activities with application teams through risk ratings of vulnerabilities and assets• Verify vulnerability remediation/mitigation• Interface with network and infrastructure team for any challenges in the remediation• Collate security incident and vulnerability findings to produce monthly and weekly management reports• Implement or coordinate remediation required by audits.• Assist in developing program quality metrics as both program performance indicators and enterprise risk indicators• Work with the Application Vulnerability team as needed to integrate vulnerability findings against application-level scans to mitigate the vulnerabilities.• Leverage the client's inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress• Monitor vulnerability mitigation and patching in vendor managed assets• Implement ad-hoc scans to verify the remediation status• Helping to develop the client's next-generation vulnerability management program including formalized assessment criteria, integration with asset inventory and remediation tracking and governance.

Qualifications - ExternalMinimum Qualifications:• Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience.• Minimum 1-3 years of experience working in Information Security• Experience with management and use of Rapid7 Nexpose• Experience in operating vulnerability scanning infrastructure and services• Experience analyzing scans/reports from security scanning tools and other internal security tools related to risk and vulnerability• Knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets• Knowledge of industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS)• Knowledge of technology and security topics including network security, wireless security, application security, infrastructure hardening and security baselines, web server and database security• Working experience with industry frameworks (CSF, ISO, COBIT, etc.)• Comfortable working outside their comfort zone with a willingness to learn• Excellent verbal and written communication skills• Strong analytical skills• Strong team player with the ability to work independently• Strong project management skills and ability to multi-task• Self-motivated with strong initiative

Preferred Qualifications• Knowledge of computer networking concepts and protocols, and network security methodologies.• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).• Knowledge of specific operational impacts of cybersecurity lapses.• Knowledge of system administration, network, and operating system hardening techniques.• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.• Skill in performing impact/risk assessments.• Skill in program and project management.• Ability to identify systemic security issues based on the analysis of vulnerability and configuration

Vacancy expired!

ID	#19833209
State	New Jersey
City	Whitehousestation
Job type	Contract
Salary	USD $40 - $50 40 - 50
Source	Sunrise Systems, Inc.
Showed	2021-09-18
Date	2021-09-16
Deadline	2021-11-14
Category	Et cetera
Create resume

Job Details

Infrastructure Vulnerability Analyst II