Vulnerability Management Senior Analyst

Vulnerability Management, Qualys, Patching, CISSP, CISA, NIST, ISO 27001, COBIT, SOX, HIPAA, PCI
Contract Independent, 12 Months
$60 - $70
Work from home available Travel not required

Job Description

Primary Duties:

  • Understanding of the Vulnerability Management lifecycle to include vulnerabilities related to:
  • Operating Systems (Linux, Windows, Android, iOS)
  • Network Infrastructure (routers, switches, firewalls, proxy servers, etc)
  • Applications (Web, COTS, Custom)
  • Assist with auditing of information systems activities and systems to confirm information security policy compliance and provide management with security policy compliance assessments and system monitoring reports
  • Measures Enterprise-wide compliance with organizational security policies and standards using various toolsets
  • Prioritize remediation activities based upon the results of the Enterprise-wide compliance program or internal/external audits
  • Responsible for preparing compliance reports by collecting, analyzing, and summarizing data from various sources
  • Conduct security risk assessments on new products and systems, periodic security risk assessments on existing systems and identify and/or recommend appropriate security countermeasures and best practices through the use of vulnerability scanning and system assessment toolsets.
  • Work with stakeholders to provide security solutions that support their business requirements
  • Assist management in setting up strategic planning of information security, compliance and internal audit policies and procedures to ensure compliance with the security and privacy regulations and state and federal laws protecting customer and employee confidentiality and privacy.
  • Assess and modify procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification or destruction.
  • Maintain Enterprise-wide Security Policies/Standards/Procedures.
  • Identify, develop, and implement mechanisms to detect security incidents to enhance compliance with and support of security standards and procedures in place.
  • Update the Unified Compliance Framework (UCF) as needed.
  • Maintain awareness of changes in security risks, security measures, and computer systems assessing new requirements for current and emerging compliance regulations.
  • Communicate technical and business problems clearly, quickly and in a concise manner to a variety of audiences.
  • Facilitate meetings and help drive privacy solutions working across corporate teams.
  • Work with ISCM, IT, Internal Audit, Compliance and HR to develop solutions and/or provide guidance around compliance, security and risk requirements.

Requirements:

Must have

  • Bachelor Degree in Computer Science, Engineering or related discipline
  • 5+ Years Previous experience with vulnerability scanners (Qualys preferred)
  • Previous experience with automated patching toolsets for Windows and non-Windows systems
  • Previous experience creating executive and technical reports from different data sources
  • Ability to work effectively, independent of assistance or supervision
  • Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone to convey critical information
  • Ability to multi-task and adjust to changing priorities in order to meet customer expectations
  • Attention to detail, and experience working in a large segmented organization
  • Innovative, creative, and extremely responsive, with a strong sense of urgency
  • Willing to share knowledge and assist others in understanding technical and business topics
  • Strong analytical, technical, and problem-solving skills
  • Willingness to work outside of regular business hours as required which can include evenings, weekends and holidays
  • Understanding of various Information Security frameworks (NIST, ISO 27001, COBIT)
  • Understanding of various regulatory requirements (SOX, HIPAA, PCI)
  • Preferred certification: CISSP, CISA or equivalent.

Recommended skills and capabilities

  • Experience with IT GRC Tool RSAM or RSA Archer
  • Self-motivated, self-directed and shows attention to detail while working
  • Works ethically and with integrity supporting organizational goals and values
  • Displays commitment to excellence
  • Completes work in a timely manner and meets deadlines
  • Contributes to building a positive team spirit and treats others with respect
  • Maintains confidentiality of information and uses information appropriately
  • Exhibits sound judgment when making decisions and recommendations
  • Fosters collaboration toward a common vision and shared goals

Posted By

500 N. Michigan Avenue, Suite 600 Chicago, IL, 60611

Contact
Dice Id : 90987557
Position Id : 6157468
Have a Job? Post it

Similar Positions

Remote Security Consultant - Requires local candidate
  • Blue Streak Partners, Inc.
  • Alpharetta, GA
Security Risk and Controls Consultant
  • Synergis
  • Alpharetta, GA
IT Security Analyst
  • Cincinnati Bell Technology Solutions
  • Atlanta, GA
Principal Security Consultant
  • Micro Focus
  • Atlanta, GA
Information Security Analyst/ Architect (CISSP Preferred)
  • C&G Consulting Services
  • Alpharetta, GA
IT Security Analyst
  • ESG Consulting
  • Atlanta, GA
Information Security Analyst
  • Zyston
  • Alpharetta, GA
Senior Security Risk Management Analyst
  • Assurity Staffing Group
  • Atlanta, GA
Information Security Architect
  • Ameri100
  • Atlanta, GA
Cyber Security Engineer / Pen Tester
  • MDMS Recruiting
  • Atlanta, GA
Information Security Architect
  • Intone Networks Inc.
  • Atlanta, GA
ICS Security Architect
  • AptoNet Inc
  • Atlanta, GA
Information Security Analyst
  • Angel Oak Capital
  • Atlanta, GA
Security consultant
  • HCL America Inc.
  • Alpharetta, GA
Vulnerability Security Engineer
  • Data Resource Technologies
  • Marietta, GA