117 applicantsPosted by Agency

This job has closed.

Company

Original Job Post

On-Demand Group · 2 days ago

Senior Vulnerability Management Analyst

Twin Cities Area

Contract

Onsite

Senior Level

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

ConsultingInformation Technology

Growth Opportunities

Hiring Manager

Sarah Robinson

Insider Connection @On-Demand Group

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Review and Prioritize vulnerability data for Windows systems.

Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation.

Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.

Leverage vulnerability database sources to understand each weakness, its probability and remediation options, including vendor-supplied fixes and workarounds.

Collaborate with security groups such as risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.

Work directly with infrastructure and application teams to advise and support remediation efforts to close vulnerability exposure to new threats and verify the organization’s security posture against them.

Assist in managing vulnerabilities across the enterprise with Tenable Cloud and Security Center

Arrange and provide support to business units launching new technology applications and services to verify that new products/offerings are added to continuous scans and appropriate reports and dashboards are built/updated.

Perform other duties as assigned.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information security administrationVulnerability managementSecurity operationsSystems administrationNetwork administrationVulnerability management solutionsQualysNexposeKenna SecurityTaniumTenable NessusDeploying Nessus scannersDeploying Nessus agentsWindows operating systemsUnix operating systemsEndpoint applicationsDNSNetworking protocolsNetworking devicesIP rangesSubnetsOrganization-wide vulnerability scanningRemediation processesOWASPCVSSMITRE ATT&CK frameworkSoftware development lifecycleBusiness risk communicationRemediation requirements communicationProblem-solving

Required

Bachelor’s degree in Information Security systems or related field or relevant/equivalent experience.

5+ years of experience in information security administration, vulnerability management, security operations, systems administration, network administration, or help desk.

Strong skills with vulnerability management solutions such as Qualys, Nexpose, Kenna Security, Tanium and open source. Preferred experience with Tenable Nessus. Bonus for experience deploying Nessus scanners and/or agents.

A solid understanding of information security, including an understanding of business and governance processes.

Strong skills with Windows and \•nix operating systems, endpoint applications, DNS, networking protocols and devices, and IP ranges and subnets.

Strong skills in organization-wide vulnerability scanning and remediation processes.

Familiar with OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle.

Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well.

Excellence in communicating business risk and remediation requirements from assessments.

Analytical and problem-solving mindset.

Highly organized and efficient. Self-starter requiring minimal supervision.

Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.