Vulnerability Analyst

Company: Disability Solutions
Location: Columbus
Posted on: September 20, 2023

Job Description:

Job Title:Vulnerability AnalystLocation:OH - WestervilleWhat you'll do:The Vulnerability Assessment Analyst will be part of the Platform Engineering team and performs assessments of systems and networks within the target environment and identifies where those systems/networks deviate from acceptable configurations or established policies. They measure and demonstrate the effectiveness of defense-in-depth architecture against known vulnerabilities and will then make expert recommendations to correct and strength security within the system. The Analyst will be IT partner facing, which will require presentations and content generation.What we are looking for: Essential Duties and Responsibilities

• Compiling and tracking vulnerabilities and mitigation results to quantify program effectiveness.
• Creating and maintaining vulnerability management policies, procedures, and training
• Analyze cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
• Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense assessment.
• Prepare reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
• Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., container registry scanning, open-source vulnerability scanning, network/host vulnerability scanning, cloud security posture management, and source code scanning.
• Analyze CIS benchmarks compliance for multiple platforms including on-premises and cloud resources and generate reports to achieve compliance by meeting organizational security standards.
• Create and manage incidents for resources or systems under required compliance leveraging ServiceNow, WorkFront, and confluence.
• Maintain weekly reports for work-in-progress efforts across platform engineering resources.
• Additional duties may be assigned as required.Required Knowledge and Skills
  • Knowledge of network security architecture concepts includes topology, protocols, components, and principles (e.q., application of defense-in-depth, Information Technology Infrastructure Library [ITIL]).
  • Proven experience in vulnerability management, patch management, or a related field, with a focus on Windows technologies.
  • Strong knowledge of vulnerability scanning tools, such as Rapid7 scanning tool, and patch management systems, including SCCM/MECM.
  • Experience with Microsoft technologies, including Windows operating systems, Windows Defender, and other Windows security tools.
  • Familiarity with vulnerability frameworks, such as CVE, CVSS, and CWE, as they apply to Windows technologies.
  • Solid understanding of network protocols, operating systems, databases, and web applications with a specific focus on Windows and Linux platforms.
  • Experience in coordinating and tracking remediation efforts across multiple teams and stakeholders for Windows technologies.
  • Excellent analytical and problem-solving skills, with keen attention to detail.
  • Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
  • Familiarity with regulatory requirements (e.g., PCI DSS, HIPAA, GDPR) and industry standards (e.g., NIST, ISO 27001) as they pertain to Windows technologies is desirable.
  • Ability to prioritize and manage multiple tasks in a dynamic, fast-paced environment.
  • Proficiency in generating vulnerability and patch management reports and metrics for Windows technologies.
  • Sound Knowledge of managing and applying group policies.
  • Knowledge of CIS benchmarks and Cloud CIS policies.
  • Works well both in a team environment and independently.
  • Sound judgment skills and ability to know when to escalate to leadership.
  • Self-motivated to improve knowledge and skills.Educational Requirements:
    • Bachelor's degree in computer science, Information Security, or a related field Required.
    • Relevant certifications (e.g., CISSP, CISA, GIAC) are a plus.
    • 3+ years of overall IT experience.
    • 2+ years of experience in vulnerability management.
    • 2+ years of experience in incident management.
    • 3+ years of experience in systems management and administration.Commitment:
      • Willingness to be an integral member of a successful team.
      • Dedication to providing the highest levels of service.
      • Excellent attendance and reliability.
      • Adherence to company policies and procedures.
      • Dedicated to maintaining confidentiality in every aspect of the job.
      • Limited traveling as needed.
      • Provide on-call supportBenefits you'll love:We offer all the important things you'd want - like competitive salaries, an ownership stake in the company, medical and dental insurance, time off, a great 401k matching program, tuition assistance program, an employee volunteer program, and a wellness program. In addition, you'll have the opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!About the company:Western Alliance Bank is a wholly owned subsidiary of Western Alliance Bancorporation. Alliance Bank of Arizona, Alliance Association Bank, Bank of Nevada, Bridge Bank, First Independent Bank, and Torrey Pines Bank are divisions of Western Alliance Bank; Member FDIC. AmeriHome Mortgage is a Western Alliance Bank company.Western Alliance Bancorporation is committed to equal employment and will consider all qualified applicants without regard to race, sex, color, religion, age, nation origin, marital status, disability, protected veteran status, sexual orientation, gender identity or genetic information. Western Alliance Bancorporation is committed to working with and providing reasonable accommodations for individuals with disabilities. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process and/or need an alternative method of applying, please email HR@westernalliancebank.com or call 602-386-2488. When contacting us, please provide your contact information and state the nature of your accessibility issue. We will only respond to inquiries concerning requests that involve a reasonable accommodation in the application process.-- Western Alliance Bancorporation

Keywords: Disability Solutions, Columbus , Vulnerability Analyst, Professions , Columbus, Ohio