We are seeking an experienced Vulnerability Management Analyst who has experience with vulnerability management across an enterprise. The role focuses on helping the organization look deeper and see further into the security of the environment to help improve and embed controls across the company. The role will be responsible for evaluating evidence by combining advanced data analysis and technology tools to offer the environment a sustainable yet high quality and efficient approach to managing their compliance. The Vulnerability Management Analyst will be responsible for scoping and remediating any vulnerabilities identified.
* Assist in the responsibility for the reviewing vulnerabilities' data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies and a changing environment including infrastructure and applications to determine risk rating of vulnerabilities to business assets. * Assist in improving and automating existing vulnerability management lifecycle. Including but not limited, data ingestion & normalization, compliance metrics and detections on assets. * Assist in partnering with tools and technology teams to troubleshoot, develop, select, implement and automate appropriate security solutions to keep system data protected from internal and external threats. * Assist in providing support and resolution for scanning and vulnerability remediation reporting issues. * Assist in working with the Business to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks. * Stay current with vulnerability information across all the products in the Conduent environment. * Provide technical support for vulnerability management projects. * Provides analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving road blocks. * Perform reoccurring and on demand scanning activities of both corporate and cloud environments utilizing enterprise platform. * Assist in ensuring reports are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
Experience on Manual Patching or Automated Patching through tool is MUST
Strong skill set with Ivanti, Manage Engine (or similar) tool for patch management and package distribution across on-premises and cloud hosted assets
Familiar with Security standards, PCI Remediation and other Audit requirements
Strong understanding of Windows or Linux Operating systems
Good knowledge on working and reporting on Excel
Basic Knowledge on Shell scripting / Perl / Python/ AWX etc is required
Ability to patch applications like SharePoint, exchange, SQL servers, Other applications is highly desirable
Vulnerability assessment to help identifying false positives and remediate vulnerabilities across different infrastructure areas is highly desirable