Vulnerability Management Analyst

 

THE OPPORTUNITY

The Information Security team is seeking a highly skilled and motivated Vulnerability Management Analyst to join our team. As a key member of our Information Security department, you will identify, assess, and prioritize vulnerabilities across our organization's systems and networks. You will play a crucial role in maintaining our organization's security posture and protecting all assets from cyber threats.

THE TEAM

The Information Security team is expected to be high-performing. To meet this expectation, the team members are communicative and collaborative, always sharing knowledge and research with one another. Members of this team should be able to understand what is expected of them and adjust on the fly, as priorities may change depending on the company's needs. If you are someone who sets a standard of excellence for yourself and you enjoy working alongside others who set the same standard and who genuinely want each of their peers to succeed, you may be the perfect addition to this team.

WHAT YOU WILL DO

• Conduct regular vulnerability assessments on systems, networks, and applications.
• Analyze vulnerability scan results and prioritize remediation efforts based on risk and impact.
• Work closely with system administrators and developers to ensure timely patching and mitigation of vulnerabilities.
• Develop and maintain vulnerability management policies, procedures, and documentation.
• Research emerging threats and vulnerabilities to stay ahead of potential security risks.
• Provide guidance and recommendations to IT teams for improving security controls and processes.

THE "MUST-HAVES"

• Strong understanding of common vulnerabilities and exposure (CVE) database and vulnerability scoring systems (CVSS).
• Experience with vulnerability scanning tools.
• Knowledge of network protocols, operating systems, and web application technologies.
• Familiarity with industry standards and frameworks such as NIST, CIS.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders.

THE "NICE TO HAVES"

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• At least 2-3 years of experience in vulnerability management or related cybersecurity roles.
• A general knowledge of compliance requirements for PCI, SOX, etc.

WITHIN 1 MONTH, YOU’LL

• Understand the role of the Vulnerability Management Analyst within the Information Security team.
• Understand the Security disciplines within Information Security.
• Understand major environments (eCommerce, Store, Distribution Centers, Network).
• Familiarize yourself with the company's organizational structure, culture, and key stakeholders.
• Learn how to interpret scan results and prioritize vulnerabilities based on risk and impact.

WITHIN 2 MONTHS, YOU’LL

• Gain proficiency in vulnerability scanning tools.
• Analyze scan results to identify critical vulnerabilities requiring immediate attention.
• Work closely with system administrators to prioritize and remediate vulnerabilities.
• Implement changes to enhance the overall effectiveness of vulnerability management practices.
• Generate vulnerability assessment reports and communicate findings to relevant stakeholders.

WITHIN 3 MONTHS, YOU’LL

• Identify opportunities for optimization in vulnerability scanning processes and tools.
• Implement automation and efficiency measures to streamline vulnerability management activities.
• Stay updated on emerging threats and vulnerabilities to address potential risks proactively.
• Understand, monitor, and report on key performance indicators (KPIs) to measure the effectiveness of vulnerability management efforts.
• Stay up-to-date on industry trends, emerging technologies, and best practices in vulnerability management.

No immigration sponsorship (ex. H-1B, TN, STEM OPT) is available for this position