Previous Job
Senior Vulnerability Monitoring Analyst ID3160141
Ref No.: 17-15151
Location: Jacksonville, Florida
Position Type:Direct Placement
Start Date: 11/09/2017
Senior Vulnerability Monitoring Analyst
Assistant Vice President

Job Overview:
The ideal candidate will ensure an accurate, threat driven, and timely understanding of the vulnerabilities that exist within the enterprise. They will ensure that all vulnerabilities are reported and understood by the various stakeholders. This includes looking across not only the operational enterprise, but to infuse Vulnerability identification into the development of new capabilities by providing self-service functions that can be utilized across the technology groups. The position calls for a technical expert who understands business operations, information technology and security and will utilize that knowledge to assist with the implementation of an effective security campaign that ensures the overall security position is aligned with business needs and the evolving threat landscape.

Roles and Responsibilities overview:
  • You will be required to perform and evaluate scans across the production estate using vulnerability management tools, custom scripts and present reports based on findings to both technical and non-technical teams
  • You will be required to provide operational scanning in the event of incidents to assist local security operations team
  • Understanding of application vulnerabilities and be able to demonstrate with evidence exploits possible and work with application owners to remediate
  • Maintaining scanning infrastructure, knowledge of Unix and Microsoft OS
  • Work with external vendors to review and validate vulnerability reports. Confirm and test for findings and determine root cause for remediation
  • Discovery, Investigation and assistance in remediation of PKI certificates used on internally and externally facing servers
  • Develop documentation and process for tracking vulnerabilities and issues
Technical Experience Requirements:
  • Experience in comprehensive vulnerability management programs, working in an information security or IT operations related field in an enterprise environment
  • Experience utilizing two or more open-source and enterprise vulnerability assessment tools such as WebInspect, Veracode, Fortify, Nessus, NMAP Non-Technical Experience Requirements:
  • Collaboration with global staff across multiple organizations
  • Effective oral and written communication, technical leadership, performance management, issue resolution, negotiation, motivating others, forecasting, and planning
  • Self-motivated with ability to work with minimal supervision Education and Certifications:
  • Degree from a four-year university or major course work in computer science, networking, engineering or other computer-related field of study.
  • One of the following certifications: CISSP, SANS GIAC Certified Penetration Tester (GPEN), SANS GIAC Certified Web Application Penetration Tester (GWAPT), Offensive Security, Certified Ethical Hacker (CEH)