Cyber Security Analyst

Overview

Cyber Vulnerability Management Analysts required to conduct vulnerability discovery, and security testing operations in order to:

  • Develop and maintain the capability for identifying vulnerabilities to client Information Systems
  • Drive remediation of vulnerabilities via proper measures and processes
  • Develop and verify the presence of controls
  • Provide technical and tactical advice to management

Ability to operate using consulting and influencing skills, and able to communicate security-related concepts to a broad range of Technical and non-technical staff and be a change agent to transform and enhance capabilities to meet current and future business drivers

Responsibilities

Vulnerability Management Operations:

  • Performs and manages technical vulnerability discovery and analysis including the categorization of a discovered vulnerability, characterization of threat posed to information systems
  • Facilitates remediation of vulnerabilities by recommending the proper course of action
  • Develop and implement security controls testing capabilities
  • Engage with stakeholders and SME’s to facilitate vulnerability discovery and remediation
  • Perform technical security testing analysis either both overtly and covertly to verify the effectiveness of controls.
  • Generate detailed technical analysis of findings as well as analysis consumable by non-technical audiences.
  • Maintain knowledge of latest cyber threats and industry best practices
  • Coach, teach, and Mentor other analysts enhancing their proficiency.
  • Develop training programs for vulnerability and security testing

Service Product Management (10%)

  • Support implementation of changes to processes and systems
  • Supports creation of appropriate documentation, implementation and communication of established policy, procedures and operating standards for service/product

Security Plans (10%)

  • Support reviews of existing security systems and recommends improvements in such areas as communication networks, physical, security, data access, computer hardware and software on all platforms

 

 

 

 

Additional responsibilities:

  • Supports the delivery of solutions that protect information resources against unauthorized disclosure, modification or loss
  • Assist in the rapid execution of information security initiatives by maintaining an appropriate level of prioritization, focus and persistence in an environment of significant change and growth
  • Ensure that project objectives are delivered on time and meet stakeholder expectations for quality
  • Provide consistent follow through with the Business Manager and IT Project manager on issues/concerns to ensure appropriate visibility and escalation where needed
  • Must be able to manage project task execution independently and get all associated team members to deliver their tasks on time, without direct authority
  • Provide security subject matter expertise
  • Assess the security posture of applications and infrastructure using a variety of assessment tools and methodologies
  • Executes in priorities and due dates set by his/her supervisor

Requirements

  • Bachelor’s degree or equivalent experience
  • Prefer certification in or working to obtain CISSP, CISA or CISM
  • 3 – 9 years in IT Security/IT Operations, or equivalent positions
  • Good understanding of Vulnerability Assessment and Technical Mitigation
  • Good understanding of IT security practices, methodologies, tools, and trends
  • Experience in Vulnerability Management technologies a plus
  • Knowledge of vulnerability detection software a plus
  • Able to produce technical reports
  • Windows Server OS intermediate skills
  • Basic Unix / Linux OS skills desired
  • Familiarity with PKI concepts desired
  • Basic IT network skills, familiarity with network address concepts
  • Prefer experience in vulnerability discovery and reporting
  • Strong team player / Excellent communication skills
  • Self-driven personality and willing to learn new products and services