Vulnerability Risk Analyst
Job Location:
Job Location:
Malvern, PA - USA
Monthly Salary:
Not Disclosed
Monthly Salary:
Posted on:
19 days ago
Posted on:
Vacancies:
1 Vacancy
Vacancies:
Job Summary
No Fake Visa About the job
Responsibilities
Microsoft 365 and Copilot: Robust understanding of Microsoft 365 and Copilot functionalities including integration and customization.
Bachelors degree in Cybersecurity Information Systems Computer Science or equivalent practical experience.
Security certification(s) preferred (e.g. Security SSCP CISSP or equivalent) especially if the role will independently assess risk treatment quality.
Demonstrated foundation in cybersecurity principles (vulnerability lifecycle risk concepts remediation approaches) and the ability to apply them in an enterprise environment.
Proven security expertise across infrastructure products and services.
Working knowledge of vulnerability management outcomes: identifying assessing prioritizing and enabling workflows that help drive vulnerabilities to closure or approved treatment
Experience supporting or governing vulnerability scanning/assessment programs for enterprise assets (on prem and/or cloud workloads) including compliance to remediation SLAs.
Ability to perform a structured investigation of a suspected false positive and document the outcome and decision path.
Ability to explain a vulnerabilitys impact in plain business terms and produce a concise risk treatment summary that is approver ready.
Ability to support downgrade/override decisions with written rationale that is auditable and explicitly scope
Skills Required
Proficiency in creating structuring and analyzing datasets using automation development frameworks and AI driven tools.
Robust writing skills to produce audit ready rationales and summaries (risk acceptances downgrade rationale false positive outcomes).
Comfortable facilitating discussions with technical and non technical stakeholders to clarify facts confirm remediation options and drive decisions.
Robust attention to detail for data accuracy
Familiarity with vulnerability and posture tooling across on prem and cloud contexts
Job Summary
- Prepare detailed reporting on vulnerabilities and related risks integrating risk concepts such as impact and likelihood to ensure proper prioritization. Reporting will outline security posture vulnerability trends and mitigation results.
- Conducts independent analysis of vulnerabilities to identify thematic issues and impact on systems. Support risk scoring.
- Leads scrums and huddles to support the tracking of vulnerability management efforts. Maintain Kanban boards that track remediation efforts.
- Supports the documentation of process & controls gaps that contribute to vulnerability risk.
- Coordinates with Technical Security Advisors to ensure remediation plans and status are up-to-date and accurate.
- Maintaining vulnerability management procedures.
- Participates in special projects and performs other duties as assigned.
Responsibilities
- 1. Prepare detailed reporting on vulnerabilities and related risks integrating risk concepts such as impact and likelihood to ensure proper prioritization. Reporting will outline security posture vulnerability trends and mitigation results.
- 2. Conducts independent analysis of vulnerabilities to identify thematic issues and impact on systems. Support risk scoring.
- 3. Leads scrums and huddles to support the tracking of vulnerability management efforts. Maintain Kanban boards that track remediation efforts.
- 4. Supports the documentation of process & controls gaps that contribute to vulnerability risk.
- 5. Coordinates with Technical Security Advisors to ensure remediation plans and status are up-to-date and accurate.
- 6. Maintaining vulnerability management procedures.
- 7. Participates in special projects and performs other duties as assigned.
Microsoft 365 and Copilot: Robust understanding of Microsoft 365 and Copilot functionalities including integration and customization.
Bachelors degree in Cybersecurity Information Systems Computer Science or equivalent practical experience.
Security certification(s) preferred (e.g. Security SSCP CISSP or equivalent) especially if the role will independently assess risk treatment quality.
Demonstrated foundation in cybersecurity principles (vulnerability lifecycle risk concepts remediation approaches) and the ability to apply them in an enterprise environment.
Proven security expertise across infrastructure products and services.
Working knowledge of vulnerability management outcomes: identifying assessing prioritizing and enabling workflows that help drive vulnerabilities to closure or approved treatment
Experience supporting or governing vulnerability scanning/assessment programs for enterprise assets (on prem and/or cloud workloads) including compliance to remediation SLAs.
Ability to perform a structured investigation of a suspected false positive and document the outcome and decision path.
Ability to explain a vulnerabilitys impact in plain business terms and produce a concise risk treatment summary that is approver ready.
Ability to support downgrade/override decisions with written rationale that is auditable and explicitly scope
Skills Required
Proficiency in creating structuring and analyzing datasets using automation development frameworks and AI driven tools.
Robust writing skills to produce audit ready rationales and summaries (risk acceptances downgrade rationale false positive outcomes).
Comfortable facilitating discussions with technical and non technical stakeholders to clarify facts confirm remediation options and drive decisions.
Robust attention to detail for data accuracy
Familiarity with vulnerability and posture tooling across on prem and cloud contexts
