Analyst IT Vulnerability Management jobs in United States
cer-icon
Apply on Employer Site
company-logo

JetBlue · 14 hours ago

Analyst IT Vulnerability Management

positionLong Island City, NY
timeFull-time
remoteHybrid
seniorityEntry Level
money$60K/yr - $112K/yr
date1+ years exp

JetBlue Airways Corporation is focused on cyber security driven by Risk Management and Threat-Informed Defense. The Analyst in Vulnerability Management will conduct vulnerability assessments, analyze results, and collaborate with cross-functional teams to ensure timely remediation of identified vulnerabilities.

Air TransportationTransportation
badNo H1Bnote

Responsibilities

Assist the IT and Cyber teams with identification and remediation of vulnerabilities across our traditional on-premises, data center and corporate network environments
Conduct regular vulnerability assessments using automated scanning tools to identify security weaknesses, out-of-date versions and vulnerable systems across our corporate, data-center and multi-cloud environments
Analyze scan results and assess vulnerabilities with regard to severity, impact, and potential risk to the organization and collaborate with system owners and IT teams to prioritize and coordinate remediation via patching and/or mitigating controls
Collaborate with engineering and QA teams to ensure proper SSDLC practices and minimize the release of any vulnerable software through our deployment pipeline
Assist in developing and updating vulnerability management policies and procedures, and in implementing those processes across our hybrid network environment
Generate accurate and concise vulnerability assessment reports, including metrics on risk, vulnerability exposure and remediation progress
Coordinate directly with the threat intelligence and pen-test teams regarding emerging vulnerabilities, active exploits, changes in our attack surface and other factors that influence prioritization and risk
Assist in planning and reviewing penetration and red-team test results to identify and address vulnerabilities that may not be identified through automated scanning
Participate in cross-functional meetings to maintain strong communication with IT, networking, systems owners and MSPs and collaborate with other contributors to ensure timely remediation or mitigation of security risks
Support our Cyber GRC team to ensure successful compliance with Payment Card (PCI), Sarbanes-Oxley and other required oversight frameworks
Other duties as assigned

Qualification

Vulnerability managementVulnerability scanning toolsRisk assessment methodologiesPatch management toolsNetworkSystem architectureSecurity frameworksEntry-level certificationsCommunication skillsCollaborative workDetail-oriented

Required

Bachelor's Degree in Computer Science, Information Security, or a related field; OR demonstrated capability to perform job responsibilities with a High School Diploma/GED and at least four (4) years of previous relevant work experience
One (1) year of experience in vulnerability management, information security, or related roles
Proficiency with vulnerability scanning tools such as Nessus, Qualys, Rapid7, or similar
Basic understanding of risk assessment methodologies and ability to evaluate vulnerabilities' potential impact to the business
Familiarity with patch management tools and processes for deploying security updates
Technical understanding of network and system architecture, operating systems, and common vulnerabilities
Excellent written and verbal communication skills
Ability to work collaboratively across teams, including IT, development, and compliance
Detail-oriented approach to analyzing scan results and identifying false positives
Available for occasional overnight travel (10%)
Must pass pre-employment drug test
Must be legally eligible to work in the country in which the position is located
Authorization to work in the US is required, this position is not eligible for visa sponsorship

Preferred

Past experience specifically in Programs beyond/outside of OS and infrastructure level vulnerabilities, e.g. application, container and cloud (GCP, Azure) vulnerability management
Familiarity with security frameworks and standards such as NIST Cybersecurity Framework, ISO 27001, or CIS Controls is a plus
Entry-level certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP) Associate, or equivalent are advantageous

Benefits

Access to healthcare benefits
A 401(k) plan and company match
Crewmember stock purchase plan
Short-term and long-term disability coverage
Basic life insurance
Free space available travel on JetBlue

Company

JetBlue

twittertwittertwitter
Glassdoor3.7
company-logo
When JetBlue first took flight in February 2000, our founding goal was to bring humanity back to air travel, and over two decades later, we still put our customers, crewmembers and communities at the center of everything we do.
dateFounded in 1998
location
Long Island City, New York, USA
people-size10001+ employees
web-link
http://www.jetblue.com/

Funding

Current Stage
Public Company
Total Funding
$400M
2024-08-12Post Ipo Debt· $400M
2002-04-12IPO

Leadership Team

leader-logo
Joanna Geraghty
CEO
linkedin
leader-logo
Ursula Hurley
Chief Financial Officer (CFO)
linkedin

Recent News

Morningstar.com
United Airlines Q4 and Full Year EPS Beat Wall Street Expectations, With Full Year EPS Up Year-Over-Year
2026-01-20
The Guardian Nigeria News - Nigeria and World News
NCAA threatens stiffer sanctions on airlines over flight delays
2026-01-09
Sherwood News
The S&P 500 closes at a record high
2026-01-07
Company data provided by crunchbase