Security Analyst

Overview

On Site
$100000.00 - $100000.00 per annum
Full Time

Skills

Security Analyst

Job Details




Job Title: Security Analyst
Direct Hire
Remote

Job Summary: The Vulnerability Management Security Analyst will assist in identifying, prioritizing, acquiring, installing, and verifying the installation of patches, updates, and upgrades throughout the company.

Essential Duties and Responsibilities:

  • Support the management of device, user, and application certificates (SSH, SSL Keys)

  • Ensure scan results are presented in appropriate dashboards, and reports, and forwarded to external data systems

  • Utilize manual testing techniques and methods, at management direction, to gain a better understanding of the environment and identify false negatives

  • Maintain knowledge of system, OS, and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)

  • Recommend the selection of cost-effective security controls to mitigate risk

  • Create and maintain documentation for processes and procedures for vulnerability findings and their mitigations and remediation.

  • Assess and mitigate system security vulnerabilities and risks



Qualifications:

  • Minimum three years of hands-on working experience with vulnerability scanning systems.

  • Minimum three years of hands-on working experience with patch management systems for Windows and Linux systems

  • Must be capable of delivering a very high level of customer service

  • Experience with Microsoft Intune, SCCM, or other device management systems preferred but not required

  • Experience working with Microsoft Active Directory and Entra ID

  • Experience and/or thorough understanding of one or more of the following technologies/languages: Excel, SQL, PowerShell, Bash, and JSON

  • Possess industry-standard certifications (e.g., GIAC, CISSP, CISM) preferred but not required

  • Experience in IT controls monitoring for regulatory and compliance requirements like CIS, NIST, CMMC, ISO 27001 & ISO 27002 preferred but not required


Apply now!

About Vaco Technology