Vulnerability Management Analyst in Atlanta, GA at HUNTER Technical Resources

Date Posted: 11/18/2019

Job Snapshot

Job Description

Vulnerability Management Analyst


Position Description:

• Responsible for configuring and maintaining vulnerability and compliance scanning tools

• Responsible for monitoring and reviewing vulnerability and compliance scan results

• Conduct scheduled and ad hoc application and system scans

• Perform research and analysis of scheduled and on demand vulnerability assessments and post results

• Provide technical feedback on proposed solutions to identified vulnerabilities

• Interface with vendor support teams to keep abreast of developments in product lines

• Research security testing tools, techniques, and processes

• Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities

• Recommend approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes

• Monitor team mailbox and ticketing system to ensure proper steps are taken for all identified vulnerabilities and support of the security operations center (SOC)

• Promote collaboration with our stakeholders and Red Team researchers to prioritize the remediation of vulnerabilities and close potential attack vectors.

• Understand asset criticality and the identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected

• Develop the vulnerability reports and score cards that define current state of the corporate network security risk posture.

• Participate in training of more junior staff in vulnerability management and awareness. Prioritization of vulnerabilities, attack techniques, tool/exploit development, intelligence analysis and adversarial tactics.

Qualifications:

• 2+ years of cyber security experience specifically working in Vulnerability Management

• 2-4 years of information security technology experience

• Strong knowledge of security algorithms, protocols and standards

• Strong knowledge of Windows and one of the following operating systems; *NIX, OS X, iOS, etc.

• Demonstrated knowledge of OWASP and SANS testing methodologies, and related tools such as Qualys, Splunk, AlertLogic, nmap, etc.

• Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel) and other standard (Customer specified) applications.

• Demonstrated knowledge of TCP/IP protocols, network analysis, and network/security applications

• Demonstrated experience at least one scripting language, such as PowerShell, Python, Bash, PHP, etc. preferred