Vulnerability Management Specialist

Employer Active

1 Vacancy

Job Location

Miami, FL - USA

Monthly Salary

Not Disclosed

Job Description

Overview

The Vulnerability Management Specialist is an advanced hands-on practitioner and representative of the cyber security defense team. The role is technical, and candidates must possess a solid understanding of information security and preferably have held positions in cyber security and systems administration. The role also requires an understanding of business and governance processes. Vulnerability management analysts are responsible for the overall management lifecycle of the program. They must understand applications, operating systems, networking, cloud infrastructure, and basic attacker tactics, techniques, and procedures (TTPs). Additionally, analysts are expected to maintain a high level of rigor to stay up to date with advancements in technology while also retaining knowledge of older systems and applications in use.

Vulnerability Management Specialists understand that legacy and present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. Given that vulnerability management and risk exposure extend across all technical systems enterprise-wide, responsibilities of this position include identifying assets and vulnerabilities, reporting, remediation, and continuous assessment. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.

Vulnerability Management Specialists are expected to manage strategic initiatives for short- as well as long-term plans to identify and reduce the attack surface across applications and systems. Use of automated tools to identify, assess, and report is expected, with emphasis placed on effective communication to constituents relying on applications and systems that support their business. Vulnerability management analysts take an active lead to inform, advise, and partner with business units to help better secure their operations.

Principal Duties and Responsibilities:

  • Manage and independently detect, prioritize, and remediate identified vulnerabilities across applications, endpoints, databases, networking devices, and mobile, cloud, and third-party assets.
  • Conduct continuous independent discovery and vulnerability scans/security assessments of enterprise-wide assets and proactive control testing.
  • Document, prioritize, and formally report asset and vulnerability state along with remediation recommendations and validation.
  • Formalize a process for communicating vulnerability results and security patch releases in a manner understood by technical and non-technical business units, based on risk tolerance and threat to the business.
  • Procure and maintain tools and scripts used in asset discovery and vulnerability status.
  • Leverage vulnerability database sources to understand each weakness, its probability, and remediation options, including vendor-supplied fixes and workarounds.
  • Work as a team to consistently learn and share advanced skills and foster team excellence.
  • Actively collaborate with the MSSP to develop, maintain, and enhance cyber security controls.
  • Partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives.
  • Support and monitor patch management compliance across the infrastructure to align to audit requirements.
  • Collaborate with security groups such as red teams, threat intelligence, and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.
  • Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization's security posture against them.
  • Regularly research and learn new TTPs in public and closed forums and work with colleagues to assess risk, implement/validate controls, and update procedures as necessary.
  • Maintain an active database comprising third-party assets, their vulnerability state, remediation recommendations, overall security posture, and potential threat to the business.
  • Arrange and provide support to business units launching new technology applications and services to verify that new products/offerings are not at risk of misconfiguration, compromise, or information leakage.
  • Periodically attend and participate in change management policy discussions and meetings.
  • Report on KRI/KPI status and compliance monitoring activities.
  • Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate control effectiveness.
  • Liaise with the security engineering team to improve tool usage and workflow as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
  • Possess a thorough understanding of CIS Controls and how they are used to harden computers, databases, and network devices.
  • Possess a thorough understanding of Group Policy Objects and how they are implemented and used to harden computers.
  • Assist multiple teams with the implementation of configuration management for security hardening.
  • Report on computers and devices that deviate from preapproved configuration management security standards.
  • Contribute to the development of security policy and procedures.
  • Identify vulnerabilities in the environment that must be addressed according to risk, age, and susceptibility. Provide best practice guidance on vulnerability assessments and remediation.
  • Perform other duties as assigned.

Qualifications

  • 5-7 years' experience in information security administration, vulnerability management, or security operations (required).
  • Proficient with vulnerability management solutions such as Qualys, Nexpose, Nessus, Kenna Security, Tanium, and open source.
  • Experience stabilizing systems to run minimal application requirements, least privilege, and additional host hardening.
  • Understanding of Windows and Unix/Linux operating systems, endpoint applications, networking protocols, and devices.
  • Preferably some experience with vulnerability management across Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
  • Experience conducting organization-wide vulnerability scanning and remediation processes.
  • Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface.
  • Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST), or International Standards Organization (ISO).
  • Capable of scripting in Python, Bash, Perl, or PowerShell.
  • Understanding of OWASP, CVSS, the MITRE ATT&CK framework, and the software development lifecycle.

Licenses & Certifications

The following credentials, licenses, and/or degrees are desired but not required if appropriate experience exists:

  • GIAC Critical Controls Certification (GCCC)

  • GIAC Certified Enterprise Defender (GCED)

  • GIAC Penetration Tester (GPEN)

  • GIAC Certified Incident Handler (GCIH)

  • Certified Information Systems Security Professional (CISSP)

  • Certified in Risk and Information Systems Control (CRISC)

  • Technical certifications for industry-recognized vulnerability management solutions (e.g., Qualys, Nexpose, Nessus, Kenna, Tanium)

Education

  • Bachelor's degree in Computer Science or related discipline (preferred).

Required Experience:

Unclear Seniority

Employment Type

Full-Time
