Cybersecurity Vulnerability Analyst

Sansaone


Job Location:

Warsaw - Poland

Monthly Salary: Not Disclosed
Posted on: 3 days ago
Vacancies: 1 Vacancy

Job Summary

Responsibilities:

  • Receiving information and reports about hardware and software vulnerabilities; analysing the nature mechanics and effects of the vulnerabilities; and developing response strategies for detecting and repairing the vulnerabilities;
  • Proactively managing vulnerabilities by performing vulnerability assessments penetration tests and reviewing the technical security compliance (deviation from a baseline configuration) of systems and services;
  • Managing response to disclosed vulnerabilities for which no countermeasure is yet available.
  • This service can involve communicating with vendors other CSIRTs technical experts constituent members and the individuals or groups who initially discovered or reported the vulnerability.
  • Evaluates results of security audits and tests security findings prioritises plans and implements remediation controls
  • Provides forensic analysis in response to information security incidents
  • Assesses security controls of new applications to establish compliance level and appropriate configuration
  • Performing vulnerability watch
  • Processing of incoming vulnerability warnings alerts and reports
  • Oversee the management of known vulnerabilities through established processes and procedures
  • Triage based on verification level of exposure and impact assessment
  • Analysing and examining vulnerabilities in hardware or software
  • Validating the existence of suspected vulnerabilities by determining where they are located and how they can be exploited
  • Reviewing source code using a debugger to determine where the vulnerability occurs or trying to reproduce the problem on a test system
  • Notifying the various parts of the Agency about the vulnerability and shares information about how to fix or mitigate the vulnerability
  • Verifying that the vulnerability response strategy has been successfully implemented
  • Performing regular vulnerability scans of system and applications writing reports including recommendations for improvements and following-up the remediation process for identified vulnerabilities
  • Providing regular reports and dashboards (based on KPIs) to monitor security improvements
  • Performing penetration tests and writing reports including recommendations for improvements
  • Reviewing the technical security compliance of systems against defined security baselines (gold configuration) writing reports and following-up the remediation process for identified non-compliance
  • Participating in the definition of security baselines
  • Provide activity reports to management to demonstrate service SLA and service quality

Skills:

  • Document report present and communicate with various stakeholders
  • Develop codes scripts and programmes
  • Identify and exploit vulnerabilities
  • Conduct ethical hacking
  • Think creatively and outside the box
  • Identify and solve cybersecurity-related issues
  • Communicate present and report to relevant stakeholders
  • Use penetration testing tools effectively
  • Conduct technical analysis and reporting
  • Decompose and analyse systems to identify weaknesses and ineffective controls
  • Review codes assess their security integrate cybersecurity solutions to the organisations infrastructure
  • Configure solutions according to the organisations security policy
  • Assess the security and performance of solutions
  • Develop and test secure code and/or scripts
  • Identify and troubleshoot cybersecurity-related issues

Specific Requirements:

  • Experience in vulnerabilities analysis
  • Knowledge of risk assessment in the context of given vulnerability and its environment
  • Experience in coordination and execution of PenTests
  • Experience in implementing protections against the most common types of exploits for web apps
  • Proficient in writing reports covering vulnerabilities and patch management
  • Experience in reviewing current security controls and proposing improvements
  • Experience in writing security procedures/policies with emphasise on information protection and data privacy
  • Experience in administering security solutions - Vulnerability platform WAF EDR
  • Innovative approach to new technologies

Required Skills:

developmentperlcisspisoexcelapachepowerpointjavasqlmanagementmaterialsmanagerdatabasewindowslinuxdisaster recoveryrisk managementperipheralsarchitectureunix

Responsibilities: Receiving information and reports about hardware and software vulnerabilities; analysing the nature mechanics and effects of the vulnerabilities; and developing response strategies for detecting and repairing the vulnerabilities; Proactively managing vulnerabilities by performing ...

About Company

Sansaone

30 employees

Company Logo

Welcome to Sansaone, a dynamic force in the realm of ICT talent acquisition. Born out of a passion for excellence and a vision for connecting outstanding professionals with forward-thinking organizations, we stand as a beacon for strategic recruitment solutions in the Information and ... View more

View Profile View Profile