Apply on Employer Site

Dotdash Meredith · 5 hours ago

Analyst, Vulnerability & Threat

United States

Full-time

Remote

Entry Level

$75K/yr - $85K/yr

1+ years exp

Dotdash Meredith is seeking an Analyst of Vulnerability and Threat to assist in identifying, assessing, and mitigating cybersecurity vulnerabilities and threats. The role involves collaborating with team members to ensure the security of the organization's information assets and participating in various technical projects.

AdvertisingDigital MediaPrinting

Responsibilities

Gather and analyze threat intelligence from various sources

Correlate data from SIEMs, EDRs, and network telemetry to validate findings and escalate confirmed incidents to incident response teams

Assist in the development and support incident response plans to address security incidents effectively

Conduct regular threat assessments and testing, including penetration testing/red teaming to evaluate the organization's security posture

Perform in-depth analysis of publicly disclosed vulnerabilities and assess organizational exposure

Assess and test the effectiveness of current detection and prevention technologies, identifying gaps and recommending improvements

Proactively identify potential threats by developing and executing threat-hunting campaigns across networks, endpoints and cloud environments

Leverage threat intelligence, behavioral analytics, and anomaly detection to uncover indicators of compromise (IOCs) or advanced persistent threats (APTs) that evade standard detection tools

Refine and create new alerting logic, detection signatures, and playbooks based on hunting outcomes

Develop and maintain security documentation and procedures

Assist in conducting regular and ad-hoc vulnerability scans and assessments using a variety of tools (SAST, DAST, IAST, etc.) and techniques

Analyze scan results and identify critical vulnerabilities

Help maintain vulnerability assessment tools and technologies

Research and document vulnerabilities based on risk and potential impact

Collaborate with IT, Engineering and business units to ensure timely remediation in accordance to SLAs

Track remediation progress and ensure timely closure of vulnerabilities

Work closely with IT, engineering, operations and other stakeholders to ensure effective collaboration

Communicate security risks and recommendations to management and stakeholders

Assist in the development and delivery of security awareness training programs

Qualification

Cybersecurity expertiseVulnerabilityThreat ManagementTechnical skillsRelevant certificationsOS SecurityComplianceOrganizationCommunicationInterpersonal skillsTime managementTeamworkWork independently

Required

Bachelor's degree in Computer Science, Information Security, or a related field or equivalent experience

Minimum of 1-3 years of experience in cybersecurity, with a focus on vulnerability and threat management

Cybersecurity expertise: Security principles, vulnerabilities, threats, container security and cloud security (AWS, GCP, Azure)

Vulnerability and Threat Management: Assessment, threat modelling (STRIDE / MAESTRO methods preferred), penetration testing, intelligence gathering and analysis

OS Security and Compliance: Linux, Windows, Mac, G-Suite, GWS Administration, SOC 2, NIST CSF, SOX, PCI-DSS

Technical skills: Scripting (Python, Powershell, Bash), incident investigation and response

Soft skills: Communication, interpersonal skills, organization, time management, teamwork, and the ability to work independently in a fast-paced environment

Occasional travel and on-call availability