Vulnerability Analyst
Company: Ice Miller
Location: Indianapolis
Posted on: March 19, 2023
|
|
Job Description:
Job Summary:
The Vulnerability Analyst will be the primary point of contact for
the Information Security team interfacing with other areas of the
Information Technology organization on remediation efforts for
discovered vulnerabilities. This role will provide insights and
guidance on discovered vulnerabilities and how to effectively
manage the associated risk, as well as organizing and tracking
large datasets across multiple teams. Drive improvements over time
through the management, analysis and tracking of vulnerabilities
discovered while building and maintaining effective relationships
with technology partners to adequately report functional
requirements for vulnerability remediation based on criticality and
impact. Success in this role will be determined by tracking,
reporting, and remediating multiple data points across multiple
teams.
Essential Job Duties:
--- Develop, communicate, and manage vulnerability scanning
processes, guidelines, and standards
--- Configure, update, and manage scan policies to ensure 100%
coverage of scanning
--- Coordinate patch management with IT Teams to ensure timely
remediation on discovered vulnerabilities
--- Create and execute weekly scans, weekly reports, document
vulnerabilities, coordinate the remediation of discovered
vulnerabilities with the InfoSec and IT teams
--- Implement, track, and drive improvements on Vulnerability
scanning KPIs and SLAs
--- Review existing security controls to make an informed risk
decision on discovered vulnerabilities
--- Report and track remediation status to leadership and
stakeholders
--- Review compensating controls and ensure findings on
vulnerabilities align to risk
--- Assist in the development and implementation of automated
solutions to address daily manual tasks
--- Align process and outcomes to all applicable regulations and
cybersecurity frameworks
--- Ability to quickly understand systems in order to identify and
validate security vulnerabilities.
--- Work analytically to solve both tactical and strategic problems
within the vulnerability management program.
--- Establish a rapport with other IT and InfoSec teams to mature
the vulnerability management program and actively contribute and
participate in team activities and planning that improving team
skills, awareness, communication, reputation, and quality of
work.
--- Manage the detection and analysis of threat intelligence
through various third-party sources and align those to the business
through a threat triage process for remediation, action, or
education.
Minimum Requirements:
--- Bachelor's degree and minimum 4 years of experience in
Information Security, Information Assurance and/or Cyber Security
space. Additional relevant experience and professional
certifications will be considered in lieu of a degree.
--- Must be a critical thinker with strong problem-solving
skills.
--- Ability to think at systems / architecture level. (i.e. How do
all the parts of the solution fit together not just design at
element level)
--- Demonstrated logical and structured approach to time management
and task prioritization in support of teamwork goals.
--- Possesses a strong collaborative mindset, able to function as a
contributing member of the team.
--- 2-5 years of Vulnerability Analyst experience and experience
with Tenable, Rapid7, or Qualys
--- Experience with network security scanners, and an understanding
on how attackers exploit vulnerabilities in the wild.
--- Experience in the information security field designing and
implementing enterprise vulnerability management processes and
solutions.
--- Deep and broad understanding related to security encompassing
end point technologies, applications, application hosting, physical
and virtual data center hosting.
--- Solid skills in Windows and Linux, Encryption and networking,
and have in-depth knowledge and work experience with security best
practices.
--- Knowledgeable with token/certificate-based authentication, DNS,
and AD structure.
--- Excellent verbal and written communication skills with a wide
range of audiences including technologists, executives, business
stakeholders and IT team members.
--- Accustomed to information security risk assessments
processes
--- High level of personal integrity, and the ability to
professionally handle confidential matters and show an appropriate
level of judgment and maturity.
--- High degree of initiative, dependability and ability to work
with little supervision.
--- Working knowledge of information systems security
standards/practices (e.g., access control and system hardening,
system audit and log file monitoring, security policies, and
incident handling).
Candidates must have permanent authorization to work in the United
States. In addition, candidates must be fully vaccinated for
Covid-19, except those who have an approved medical or religious
exemption.
Ice Miller is an Equal Opportunity Employer.
#LI-Hybrid
Keywords: Ice Miller, Indianapolis , Vulnerability Analyst, Professions , Indianapolis, Indiana
Click
here to apply!
|