Senior Vulnerability Management Analyst
Share
Job Location:
Brooklyn, NY - USA
Monthly Salary:
Not Disclosed
Posted on:
8 days ago
Vacancies:
1 Vacancy
Job Summary
For more details please connect with Ibad Ullah Khan at or email at
End Client: New York City Department of Social Services
Job Title: Senior Vulnerability Management Analyst
Job Title: Senior Vulnerability Management Analyst
Duration: 36 - 60 Months
Start Date: ASAP
Location: 505 Clermont Ave 3rd Floor Brooklyn NY 11238
Position Type: Contract
Interview Type: Webcam
Ceipal ID: NYCCYBE482IK
Requirement ID: BID-DSS-ITS-C--1-30
Objective:
- To ensure continuous monitoring auditing and remediation of security risks affecting DSS infrastructure components being migrated decommissioned or integrated within the hybrid environment maintaining agency security posture during the transition.
Scope:
- Scan and Assess agency assets in all locations and environments that are part of he DC migration project.
- Execute vulnerability scans for migrating systems validate risk scores and recommend remediation for in-scope hardware/software.
- Develop and maintain dashboards in Rapid7 tailored for tracking migration-phase vulnerabilities.
- Script and automate vulnerability reporting across all locations and environments.
Tasks Breakdown:
- Perform vulnerability & exposure management scanning on devices.
- Conduct a comprehensive risk assessment of the current environment to identify and document potential vulnerabilities associated with this migration.
- Categorize and prioritize data based on its sensitivity to tailor security controls accordingly employing methods like encryption for sensitive data both at rest and in transit.
- Create a detailed inventory of all IT assets slated for migration including applications databases servers and network devices.
- Map dependencies between applications and infrastructure components to maintain functionality and minimize security risks during and after the migration.
- Conduct thorough security audits and vulnerability assessments after the migration to identify and address any newly emerged vulnerabilities in the new environment.
- Interpret CVE data to prioritize threats in live & staged environments.
- Document for auditability and incident prevention related to the data migration effort.
- Script PowerShell tools to automate asset reclassification and reporting.
Required Skills
- 5 years of hands-on experience with Rapid7 InsightVM and ability to prioritize vulnerabilities based on exploitability business impact and criticality
- 5 years of experience setting up remediation projects running advanced queries exporting data in Rapid7 and performing analysis in Excel using pivot-tables
- 5 years of hands-on experience with IT Service Management software including ServiceNow (creating tickets searching updating attaching files researching SLA creating child-parent ticket pairs)
- 5 years of strong foundational understanding of general IT concepts with hands-on familiarity across Windows Unix and Linux server environments core networking principles virtualization technologies such as VMware and exposure to enterprise platforms including Oracle and IBM systems
V Group Inc. is a New Jersey-based IT Services and Products company strategically organized into multiple business units: Public Sector Enterprise Solutions Ecommerce and Digital. Within our Public Sector unit we specialize in delivering IT Professional Services to Federal State and Local governments. We hold multiple contracts across 30 states across US which include: NY CA FL GA MD MI NC OH OR CO CT TN PA TX VA MN NM VT and WA. If youre considering a career opportunity with V Group or exploring a partnership I welcome you to reach out to me with any questions about our services and the unique advantages we offer to consultants. And please feel free to share my contact information with others who may benefit from connecting with us.
