Sr Vulnerability Management Analyst in Burbank, CA at HUNTER Technical Resources

Date Posted: 2/7/2020

Job Snapshot

Job Description

Sr. Vulnerability Mgmt Analyst


Position Description:

• Responsible for implementing, configuring and maintaining vulnerability and compliance scanning tools

• Conduct scheduled and ad hoc application and system scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and communicate findings effectively

• Ensure data flows are maintained between internal tools and enterprise wide reporting dashboard

• Develop and manage scanning/profiling tools and automated tasks

• Perform and post results of scheduled and on demand vulnerability assessments

• Provide technical feedback on proposed solutions to identified vulnerabilities

• Interface with vendor support teams to keep abreast of developments in product lines

• Research security testing tools, techniques, and processes

• Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities

• Recommend approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes

• Monitor team mailbox and ticketing system to ensure proper steps are taken for all identified vulnerabilities and support of the security operations center (SOC)

• Promote collaboration with our stakeholders and Red Team researchers to prioritize the remediation of vulnerabilities and close potential attack vectors.

• Understand asset criticality and the identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected

• Develop the vulnerability reports and score cards that the define current state of the corporate network security risk posture.

• Mentor and train more junior staff in vulnerability management and awareness. Prioritization of vulnerabilities, attack techniques, tool/exploit development, intelligence analysis and adversarial tactics.

• Work closely with Security Incident Response Team and Architecture team members to help improve the team's abilities in Detection, Prevention and Response capabilities

• Work with business leaders and other ISO staff to prioritize vulnerability findings for remediation

Qualifications:

• 4+ years of cyber security experience specifically working in Vulnerability Management

• 4-6 years of technology experience

• Ability to utilize best in class practices and determine best remediation path

• Advanced level knowledge of security algorithms, protocols and standards

• Advanced level knowledge of Windows and two or more of the following operating systems; *NIX, OS X, iOS, etc.

• Demonstrated knowledge of OWASP and SANS testing methodologies, and related tools such as Qualys, Splunk, AlertLogic, Burp, nmap, Metasploit, etc.

• Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel) and other standard (Customer specified) applications.

• Demonstrated knowledge of TCP/IP protocols, network analysis, and network/security applications

• Demonstrated experience with scripting languages, such as PowerShell, Python, Bash, PHP, etc.