Vulnerability Management Analyst
The Vulnerability Management Analyst is part of our Global Security, Risk, and Compliance (‘GSRC’) team. This role is responsible for coordinating and maintaining our vulnerability management program, assessing technology and suppliers, and working with teams to remediate issues. We’re looking for an enthusiastic, hardworking, and creative team member to keep our company secure.
- Managing vulnerability testing tools, scheduling and creating scans, working with tech teams to remediate issues
- Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation
- Working with clients to resolve public facing vulnerabilities in our applications and associated infrastructure
- Regularly research and learn new TTPs in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary
- Create metrics for management reporting
- Coordinate with internal and external auditors
- Coordinate Security RFP responses
- Maintain document repository and audit book
- Monitor for new vulnerabilities (US-CERT, NVD, CVE, Twitter)
- Maintains monthly status reports for RFPs/Vulnerabilities/Security Training
- Maintains ticketing system
- Tracks and coordinates GSRC projects
- Develop and maintain a calendar for the above activities
- Improve GSRC efficiency, maintain workflows and collaboration
- Participates in finding process improvement opportunities, provides solutions and participates in implementation of changes.
- Familiarity with vulnerability assessment tools and manual testing practices (Qualys, , Metasploit, Burpsuite, Veracode)
- 2-4 years performing vulnerability management
- Ability to plan, organize, prioritize and independently solve problems seeking help when necessary
- Strong communication skills, very proactive and results oriented
- Knowledge of software development processes and concepts
- Understanding of OWASP, USCERT, NIST, ISO 27001/270002 a plus
- Ability to meet deadlines.
- Familiarity with Linux
- Proficient with Microsoft Office
- Ability to stay calm under pressure and the ability to set customer expectations and clearly follow through to meet them.
Join the global leader in talent acquisition technologies that’s committed to finding new ways to leverage software, strategy and creative to enhance our clients’ employer brands – across every connection point. We’re looking for unconventional thinkers. Relentless collaborators. And ferocious innovators. Talented individuals who are ready to work towards solutions that transform the way employers and job seekers connect.
Radancy is an equal opportunity employer and welcomes all qualified applicants regardless of race, ethnicity, religion, gender, gender identity, sexual orientation, disability status, protected veteran status, or any other characteristic protected by law. We actively work to create an inclusive environment where all of our employees can thrive.