Location: Jersey City, NJ
Duration: 6 month contract with Right-to-Hire
Rate: $400-440 Day
Security Vulnerability Operations Analyst
Vulnerability Management Operations: Vulnerability Operations Analyst
IT - Security Technologies
This role is responsible for the operations for detecting security vulnerabilities present in platforms, infrastructure, networks and common production applications for the global enterprise.
Working within the global Vulnerability Management team, this role involves the review and risk rating of security vulnerabilities pertinent to infrastructure, operating the vulnerability management toolkit to detect vulnerabilities and security risks across the enterprise and driving and tracking the security remediation progress across various responsible teams globally.
A key aspect of the role is the ongoing development and maintenance of reports and metrics to provide a visualization of vulnerability management effectiveness and security position, and identify weaknesses in controls in order to drive change and improvements and measure the success of these change initiatives.
This is a technical, hands-on role and the ideal candidate has experience working within a similar function in a large, distributed environment, with a strong understanding of and enthusiasm for technical security concepts, security threats and vulnerabilities.
Key Responsibilities / Duties:
- Identifying published vulnerabilities affecting the exposure of corporate assets
- Risk rating applicable vulnerabilities and communicating risks to relevant remediation streams
- Operating vulnerability assessment tools, including network scanners and host-based detection agents to provide continuous monitoring of the estate and detection of vulnerabilities. This includes the liaison and management of 3rd party vendors who provide independent vulnerability assessments of the company perimeter
- Ensuring an active assessment capability across all networks and infrastructure. Continuing to monitor the effectiveness of this assessment capability and working with engineering teams to improve the capability where necessary
- Automation and scripting of common tasks to increase efficiency
- The ongoing development of KPIs, reporting and metrics and communication as to the state of vulnerabilities globally.
- Continuous analysis of vulnerability and security data to identify trends and weaknesses with patching effectiveness or a growing number of vulnerabilities in a specific area. Communicating these reports and driving change and targeted improvements.
- Contributes to Security Technology initiatives and projects, such as involvement with the Security Operations Team, Threat Intelligence function and other teams
- Maintain strong working relationships with infrastructure teams and platform teams, communicates vulnerabilities, tracks remediation progress and influences process improvements
- Ensure compliance with relevant external requirements and internal policies and standards.
- Interacts with technology teams as required for the reporting of effective metrics and reports
Key Working Relationships:
- Security Technology teams globally, including close interaction with the Security Operations Centre, Threat Intelligence Function and Security Engineering functions
- Application Security team
- Risk teams globally
- Infrastructure teams, such as networking and platform owners
- Vendors, suppliers and third parties
- Functional professional peers and workgroups.
Key Skills and Attributes:
- 8+ years' experience working in IT, with at least 5 years' experience working within a technical security capacity, specifically a vulnerability management and/or security operations space in a large distributed enterprise. It is expected that the candidate have a strong background in IT technical security, specifically the vulnerability management space
- A passion and enthusiasm for IT Security. Stays up to date with technology trends, and security threats and vulnerabilities
- Excellent analytical skills, with the ability to break down complex problems into actionable steps without over-simplification
- Ability to communicate security-related concepts to a broad range of technical and non-technical staff in an intelligent, articulate and persuasive manner
- Strong technical and collaboration skills, organizational and time management skills, communications (verbal and written) and interpersonal skills
- A strong understanding and hands-on experience with enterprise vulnerability assessment technologies including enterprise agents and broad-based network scanners.
- A strong understanding of OS hardening techniques and OS-level vulnerabilities, specifically Windows and Unix systems
- A good understanding of web technologies and web security hardening techniques, including Apache/Tomcat and IIS
- A good understanding of infrastructure-level vulnerabilities, including Cisco devices and wireless technologies
- An understanding of database vulnerabilities and configuration security issues
- A broad knowledge of networking concepts, including subnets, firewalls, IDS, routing, switching. Should be able to analyse a network topology and draw conclusions around security controls and weaknesses
- Excellent SQL and reporting skills and an understanding and appreciation of KPIs and metrics and how they apply to a vulnerability management and security function. The ability to analyze complex sets of data, correlate and aggregate data and draw conclusions, identifying trends and patterns relevant to security control weaknesses and the tracking of vulnerability remediation progress.
- Lateral thinking, passionate, innovative and creative. Has the ability to work under pressure on exciting projects
- Results oriented, ability to influence outcomes with a hands-on attitude
- Highly desirable: experience within the finance sector. Ideally, having worked in a similar function in a financial environment.
- Some development and scripting experience. Ability to automate tasks.
- Security certifications including CISSP, SANS, etc.
- Experience with McAfee vulnerability management toolkit, including Foundstone, Policy Auditor, ArcSight SIEM tool, IDS technologies such as Snort
- Application security knowledge, e.g., an understanding of OWASP concepts and principles