29 applicants

This job has closed.

Company

Original Job Post

JetBlue · 3 days ago

Analyst IT Vulnerability Management

Washington, DC

Full-time

Hybrid

Mid Level

1+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Air TransportationTransportation

Insider Connection @JetBlue

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Assist in identifying and remediating vulnerabilities across traditional on-premises, data center, and corporate network environments.

Conduct regular vulnerability assessments using automated scanning tools to identify security weaknesses.

Analyze scan results, assess vulnerabilities, and collaborate with teams to prioritize remediation.

Ensure proper Secure Software Development Life Cycle practices and minimize release of vulnerable software.

Develop and update vulnerability management policies and procedures.

Generate accurate vulnerability assessment reports and collaborate with threat intelligence teams.

Review penetration test results and address vulnerabilities.

Maintain communication with various teams to ensure timely remediation of security risks.

Support compliance with Payment Card, Sarbanes-Oxley, and other frameworks.

Perform other assigned duties.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Vulnerability managementInformation securityRisk assessmentPatch managementNetwork architectureSystem architectureOperating systemsVulnerability scanning toolsNessusQualysRapid7Common vulnerabilitiesComplianceScan results analysisFalse positives identificationBackground checkDrug testLegal eligibilityProblem-solvingCommunicationCollaborationDetail-orientedApplication SecurityContainer SecurityCloud SecurityGCPAzureSecurity FrameworksNIST Cybersecurity FrameworkISO 27001

Required

Bachelor's degree in Computer Science, Information Security, or a related field; OR demonstrated capability to perform job responsibilities with a combination of a High School Diploma/GED and at least four (4) years of previous related work experience

At least one (1) year of experience in vulnerability management, information security, or related roles

Proficiency with vulnerability scanning tools such as Nessus, Qualys, Rapid7, or similar

Basic understanding of risk assessment methodologies and ability to evaluate vulnerabilities' potential impact to the business

Familiarity with patch management tools and processes for deploying security updates

Technical understanding of network and system architecture, operating systems, and common vulnerabilities

Excellent written and verbal communication skills

Ability to work collaboratively across teams, including IT, development, and compliance

Detail-oriented approach to analyzing scan results and identifying false positives

Available for occasional overnight travel (10%)

Must pass a ten (10) year background check and pre-employment drug test

Must be legally eligible to work in the country in which the position is located

Authorization to work in the US is required. This position is not eligible for visa sponsorship

Preferred

At least two (2) years of experience in vulnerability management, information security, or related roles

Past experience specifically in Programs beyond/outside of Operating System (OS) and infrastructure level vulnerabilities, e.g. application, container and cloud (GCP, Azure) vulnerability management

Familiarity with security frameworks and standards such as National Institute of Standards and Technology (NIST) Cybersecurity Framework, ISO 27001, or CIS Controls is a plus

Entry-level certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP) Associate, or equivalent are advantageous