Vulnerability Analyst

Contract W2, C2H W2, 6 Months
Depends On Experience
Telecommuting not available Travel not required

Job Description

The Vulnerability Management Analyst/Engineer will lead high priority projects and day-to-day activities related to our Vulnerability Management Program. The Vulnerability Management Analyst/Engineer is expected to deliver results while maintaining positive relationships with other IT infrastructure teams and project sponsors. 

Job Specific Responsibilities
Manage monthly automated scans and analysis of enterprise-class information systems, to include discovery scans, compliance scans, and vulnerability scans
• Managing projects to improve the Unified Vulnerability Management Program 
• Reporting on compliance to vulnerability remediation policy 
• Subject Matter Expert for our primary network-based vulnerability scanner 
• Vulnerability research, review, and escalation 
• Processing exception and dispute requests 
• Identifying and mitigating detection and reporting gaps 
• Tracking and reporting test results 
• Responding to audit requests 


Performs other related duties as assigned


Candidate Requirements

Must have RiskVision knowledge, either Operational/Use of RiskVision and/or Administrative/Configuration
• 10 years of Information Security 
• 5 years working directly with vulnerability and/or patch management 
• Possesses a strong understanding of vulnerability management concepts such as exposure, severity, criticality, risk, and threat 
• Possesses an understanding of how vulnerabilities are exploited 
• Possesses an understanding of SCAP, CVE, CVSS, CPE, CCE and OVAL 
• Demonstrates a firm grasp of the concepts of risk management and mitigation 
• Possesses detailed understanding of various operating systems and common applications as they relate to vulnerabilities 
• Possesses an understanding of virtual server and cloud environments 
• Possesses a strong understanding of baseline scanning and compliance reporting 
• Possesses an understanding of enterprise technology infrastructure, application development & maintenance, software testing, and IT architecture 
Possesses experience using a variety of vulnerability scanners and managing remediation efforts 

Preferred Qualifications CISSP, CEH, CISM




Data Resource Technologies Inc. is an Information Technology Staffing Firm serving the markets of the United States of America; the greatest country in the world. We work with Direct Clients Only and do not participate in multi layer contracts. Earn The Most Possible and put over 60 years of Information Technology Industry experience to work for you today, Call or Apply NOW!!!

Posted By

Jeremy Jensen

12020 Shamrock Plaza, Suite 200 Omaha, NE, 68154

Dice Id : 10124769
Position Id : GA_RiskVision
Have a Job? Post it