JOB TITLE: Sr. Cybersecurity Analyst Vulnerability Management Location: Santiago Working Model: Remote GENERAL DESCRIPTION OR PURPOSE OF JOB: The Senior Cybersecurity Analyst Vulnerability Management is responsible for leading Jostens enterprise vulnerability management program ensuring that vulnerabilities across servers endpoints network devices cloud services and applications are identified validated prioritized and remediated within defined SLAs. This position is a hands-on technical role that requires strong analytical ability expertise in vulnerability scanning tools and the ability to clearly communicate remediation guidance and business risk to technical and non-technical stakeholders. The analyst collaborates closely with Infrastructure Application Cloud and Security teams to maintain an accurate vulnerability picture integrate threat intelligence into prioritization decisions support patch management cycles and continuously improve Jostens security posture. | Item | Description | % Time | 1 | Vulnerability Scanning Detection Analysis and Prioritization - Lead enterprise vulnerability scanning across servers endpoints cloud assets OT/IoT systems network devices and applications.
- Manage scanner configuration schedules discovery scans and credentialed scanning settings.
- Validate scan coverage accuracy and asset onboarding completeness.
- Maintain scanning tool health troubleshoot authentication issues and support upgrades and tuning.
- Analyze scan data to identify true positives eliminate false positives and assess exploitability.
- Correlate vulnerabilities with threat intelligence (CISA KEV vendor advisories exploit trends).
- Prioritize vulnerabilities using risk-based scoring business context and exposure levels.
- Provide clear remediation guidance and summarized risk statements to system and application owners..
| 30% | | | 2 | Remediation Coordination & Patch Management Support - Partner with infrastructure cloud network and application teams to track and drive remediation.
- Validate patches and configuration changes through follow-up scans.
- Escalate overdue critical vulnerabilities in alignment with established policy and SLAs.
- Provide prioritized patch lists and technical guidance to support monthly and quarterly patch cycles.
- Ensure updates and fixes align to secure configuration baselines and hardening standards.
| 30% | | 3 | Documentation Metrics and Reporting - Produce weekly monthly and quarterly vulnerability management reports and dashboards.
- Track SLA compliance remediation aging high-risk exposure and asset coverage.
- Provide audit-ready artifacts screenshots narratives and evidence for PCI SOX SOC 2 and external assessments.
- Support trend analysis security KPI reporting and continuous improvement reviews.
- Maintain vulnerability management playbooks SOPs and process documentation.
| 25% | | 4 | Threat Intelligence Integration & Continuous Improvement - Monitor active exploits zero-days CISA KEV updates and vendor advisories.
- Recommend proactive mitigations before patches are available.
- Identify automation and workflow improvement opportunities for scanning reporting and alerting.
- Assist in evaluating new tools and capabilities that enhance the vulnerability management lifecycle.
| 10% | | 5 | Other - Provide evidence and support for compliance activities (PCI SOX Data Privacy external assessments).
- Help mature SOC processes runbooks and playbooks.
- Participate in security initiatives cross-functional working groups and tabletop exercises.
- Provide subject-matter expertise and guidance on vulnerability and configuration risks.
- Collaborate with Security Operations and IT to improve monitoring and preventive controls.
- Recommend strategic improvements that enhance Jostens cyber maturity.
| 5% |
JOB REQUIREMENTS/SPECIFICATIONS: Note that (i) computer literacy and working-level skill with the basic MS Office suite (Word Excel Outlook Explorer) (ii) good verbal and written communication skills (iii) good interpersonal skills and (iv) the ability to work well both individually and in a team environment are default requirements for all Jostens exempt and salaried nonexempt employees. Required: - Minimum of 5 years of experience in Information Security Incident Response Vulnerability Management or relevant IT roles.
- Bachelors degree in Information Security Computer Science Information Systems or equivalent experience.
- Hands-on experience with vulnerability scanning tools credentialed scanning and risk analysis.
- Strong understanding of application and infrastructure architectures operating systems and common security weaknesses.
- Ability to interpret technical vulnerabilities and communicate remediation steps in clear business terms.
- Experience troubleshooting vulnerabilities patching gaps configuration issues and scanning challenges.
- Experience monitoring emerging threats zero-days and active exploit activity.
- Strong written and verbal communication skills with the ability to work across diverse technical teams.
Preferred: - Security certifications such as Security CySA GSEC CEH GCDA GPEN or similar.
- Experience with API-based enrichment or automation for vulnerability data.
- Familiarity with cloud environments (AWS Azure O365) and cloud-native scanning approaches.
- Experience working in hybrid environments (on-prem cloud OT/IoT manufacturing).
- Experience with governance platforms such as ZenGRC and ticketing tools such as Jira.
- Security certifications such as CISSP CompTIA Security CySA GIAC GCDA GSEC CEH GPEN or similar.
Other Benefits: - Weekly Payment
- Law Benefits
- Complementary Medical Insurance
- Pharmacy and Optic Center benefits
- Internal Cooperative
- Bonuses Facilities
- Referral Program
- Paid Vacations period
- Growth Opportunities
About Jostens:
Celebrating 125 years of business Jostens has been a part of local communities working with K-12 schools colleges and universities teams and affiliation groups. Representatives from Jostens touch thousands of schools and groups every day working to make a difference with products and services that recognize accomplishments and help people tell their stories. These products along with resources for educators yearbook curriculum and services to help motivate and inspire like Jostens Renaissance and Commitment to Graduate (C2G) are all designed to contribute to a positive and rewarding school experience. As a household name and leading brand in our market we are passionate about being the most trusted partner in celebrating moments that matter. We are a mid-size company with a small company feel allowing us to move fast and explore innovative ideas.
Jostens is an Equal Opportunity Employer and complies with applicable employment laws. EOE/M/F/Vet/Disabled are encouraged to apply. All qualified applicants will receive consideration for employment without regard to race color religion sex pregnancy sexual orientation gender identity national origin age protected veteran status or disability status.
| JOB TITLE: Sr. Cybersecurity Analyst Vulnerability Management Location: SantiagoWorking Model: RemoteGENERAL DESCRIPTION OR PURPOSE OF JOB: The Senior Cybersecurity Analyst Vulnerability Management is responsible for leading Jostens enterprise vulnerability management program ensuring that vulnera...
JOB TITLE: Sr. Cybersecurity Analyst Vulnerability Management Location: Santiago Working Model: Remote GENERAL DESCRIPTION OR PURPOSE OF JOB: The Senior Cybersecurity Analyst Vulnerability Management is responsible for leading Jostens enterprise vulnerability management program ensuring that vulnerabilities across servers endpoints network devices cloud services and applications are identified validated prioritized and remediated within defined SLAs. This position is a hands-on technical role that requires strong analytical ability expertise in vulnerability scanning tools and the ability to clearly communicate remediation guidance and business risk to technical and non-technical stakeholders. The analyst collaborates closely with Infrastructure Application Cloud and Security teams to maintain an accurate vulnerability picture integrate threat intelligence into prioritization decisions support patch management cycles and continuously improve Jostens security posture. | Item | Description | % Time | 1 | Vulnerability Scanning Detection Analysis and Prioritization - Lead enterprise vulnerability scanning across servers endpoints cloud assets OT/IoT systems network devices and applications.
- Manage scanner configuration schedules discovery scans and credentialed scanning settings.
- Validate scan coverage accuracy and asset onboarding completeness.
- Maintain scanning tool health troubleshoot authentication issues and support upgrades and tuning.
- Analyze scan data to identify true positives eliminate false positives and assess exploitability.
- Correlate vulnerabilities with threat intelligence (CISA KEV vendor advisories exploit trends).
- Prioritize vulnerabilities using risk-based scoring business context and exposure levels.
- Provide clear remediation guidance and summarized risk statements to system and application owners..
| 30% | | | 2 | Remediation Coordination & Patch Management Support - Partner with infrastructure cloud network and application teams to track and drive remediation.
- Validate patches and configuration changes through follow-up scans.
- Escalate overdue critical vulnerabilities in alignment with established policy and SLAs.
- Provide prioritized patch lists and technical guidance to support monthly and quarterly patch cycles.
- Ensure updates and fixes align to secure configuration baselines and hardening standards.
| 30% | | 3 | Documentation Metrics and Reporting - Produce weekly monthly and quarterly vulnerability management reports and dashboards.
- Track SLA compliance remediation aging high-risk exposure and asset coverage.
- Provide audit-ready artifacts screenshots narratives and evidence for PCI SOX SOC 2 and external assessments.
- Support trend analysis security KPI reporting and continuous improvement reviews.
- Maintain vulnerability management playbooks SOPs and process documentation.
| 25% | | 4 | Threat Intelligence Integration & Continuous Improvement - Monitor active exploits zero-days CISA KEV updates and vendor advisories.
- Recommend proactive mitigations before patches are available.
- Identify automation and workflow improvement opportunities for scanning reporting and alerting.
- Assist in evaluating new tools and capabilities that enhance the vulnerability management lifecycle.
| 10% | | 5 | Other - Provide evidence and support for compliance activities (PCI SOX Data Privacy external assessments).
- Help mature SOC processes runbooks and playbooks.
- Participate in security initiatives cross-functional working groups and tabletop exercises.
- Provide subject-matter expertise and guidance on vulnerability and configuration risks.
- Collaborate with Security Operations and IT to improve monitoring and preventive controls.
- Recommend strategic improvements that enhance Jostens cyber maturity.
| 5% |
JOB REQUIREMENTS/SPECIFICATIONS: Note that (i) computer literacy and working-level skill with the basic MS Office suite (Word Excel Outlook Explorer) (ii) good verbal and written communication skills (iii) good interpersonal skills and (iv) the ability to work well both individually and in a team environment are default requirements for all Jostens exempt and salaried nonexempt employees. Required: - Minimum of 5 years of experience in Information Security Incident Response Vulnerability Management or relevant IT roles.
- Bachelors degree in Information Security Computer Science Information Systems or equivalent experience.
- Hands-on experience with vulnerability scanning tools credentialed scanning and risk analysis.
- Strong understanding of application and infrastructure architectures operating systems and common security weaknesses.
- Ability to interpret technical vulnerabilities and communicate remediation steps in clear business terms.
- Experience troubleshooting vulnerabilities patching gaps configuration issues and scanning challenges.
- Experience monitoring emerging threats zero-days and active exploit activity.
- Strong written and verbal communication skills with the ability to work across diverse technical teams.
Preferred: - Security certifications such as Security CySA GSEC CEH GCDA GPEN or similar.
- Experience with API-based enrichment or automation for vulnerability data.
- Familiarity with cloud environments (AWS Azure O365) and cloud-native scanning approaches.
- Experience working in hybrid environments (on-prem cloud OT/IoT manufacturing).
- Experience with governance platforms such as ZenGRC and ticketing tools such as Jira.
- Security certifications such as CISSP CompTIA Security CySA GIAC GCDA GSEC CEH GPEN or similar.
Other Benefits: - Weekly Payment
- Law Benefits
- Complementary Medical Insurance
- Pharmacy and Optic Center benefits
- Internal Cooperative
- Bonuses Facilities
- Referral Program
- Paid Vacations period
- Growth Opportunities
About Jostens:
Celebrating 125 years of business Jostens has been a part of local communities working with K-12 schools colleges and universities teams and affiliation groups. Representatives from Jostens touch thousands of schools and groups every day working to make a difference with products and services that recognize accomplishments and help people tell their stories. These products along with resources for educators yearbook curriculum and services to help motivate and inspire like Jostens Renaissance and Commitment to Graduate (C2G) are all designed to contribute to a positive and rewarding school experience. As a household name and leading brand in our market we are passionate about being the most trusted partner in celebrating moments that matter. We are a mid-size company with a small company feel allowing us to move fast and explore innovative ideas.
Jostens is an Equal Opportunity Employer and complies with applicable employment laws. EOE/M/F/Vet/Disabled are encouraged to apply. All qualified applicants will receive consideration for employment without regard to race color religion sex pregnancy sexual orientation gender identity national origin age protected veteran status or disability status.
|
View more
View less
Job Location:
Monthly Salary:
Posted on:
Yesterday
Vacancies:
1 Vacancy
