You are viewing a preview of this job. Log in or register to view more details about this job.

Data Security Analyst

Robert Half
Email
 
JOB DESCRIPTION: Technical Information Security Analyst – Vulnerability Management


KEY ACCOUNTABILITIES
 Contribute to the development and maintenance of the vulnerability management program and technologies supporting information security including: development of processes, documentation, and maximizing tooling
 Daily assessment of vulnerabilities identified by infrastructure scan
 Evaluate, rate and perform risk assessments on assets
 Prioritizing vulnerabilities discovered along with remediation timeline(s)
 Send and receive notifications to the SMEs of vulnerabilities within the environment
 Interaction with multiple global teams (security architecture, penetration testing, application development, etc)
 Maintain knowledge of the threat landscape
 Provide reporting and analysis and follow up
 Provide vulnerability analysis and produce reports for management
 Participate collecting, assessing, and cataloging threat indicators
 Create and maintain reporting of vulnerability management
 Perform other related duties as assigned

KNOWLEDGE, SKILLS and EXPERIENCE

 2+ years of exposure to operations production and technology environment and/or various environments preferred to be within the financial services industry and/or vulnerability management
 Experience with vulnerability and patch assessment
 Good understanding of Windows and Linux patching
 Knowledge of vulnerability scoring systems (CVSS/CMSS)
 Experience on vulnerability scanning tools
 Knowledge of application, network and operating system security
 Ability to learn new technologies
 Excellent writing and presentation skills are required in order to communicate findings and status
 Cleary communicate priorities and escalation points/procedures to other team members
 Detail oriented, organized, methodical, follow up skills with an analytical thought process
 Excellent communication skills, especially related to facilitation, documentation and reporting
 Strong organizational skills
 Prior experience with Project Management
 Reasonable depth of exposure/understanding of information technology processes and best practices
 Excellent team skills, both as a leader and as a team player

Expected educational background for this position would include:

 Preferred industry certification in Information Security such as: CISSP, Security+, Network+, SANS
 Monitoring tools
 Security architecture experience a plus