Vulnerability Management Analyst

Job Description:

We are seeking a highly skilled and motivated Vulnerability Management Analyst to join our Information Security team. The ideal candidate will be proficient in using advanced vulnerability scanning tools, assess, and mitigate vulnerabilities within our systems. This role requires a proactive approach to security, excellent research skills, and the ability to coordinate effectively with various stakeholders to ensure comprehensive vulnerability management.  Provide additional control and assurance function related to Cyber Security posture of the organization.

Key Responsibilities:

Vulnerability Identification and Assessment:

• Conduct regular vulnerability scans using Vulnerability Management tools across various platforms and systems.

• Analyze scan results to identify critical vulnerabilities and prioritize remediation efforts based on risk.

• Maintain up-to-date knowledge of the latest vulnerabilities, including both current and historical security issues.

Remediation and Patch Management:

• Collaborate with IT and system owners to develop and implement effective remediation plans.

• Lead the remediation efforts to ensure successful patching and mitigation of vulnerabilities.

• Monitor the effectiveness of patches and other security measures, adjusting strategies as necessary.

• Monitor for new and emerging Vulnerabilities in the wild via multiple sources.  Notify and act timely upon relevant findings in accordance with the firm policy and best practice.

Hardening Benchmark Compliance:

• Implement and maintain security measures in line with the industry standard benchmarks for system hardening.

• Regularly perform scans to evaluate compliance levels across all systems and applications.

Comprehensive Remediation Process:

• Analyze results from hardening scans to identify deviations from benchmark standards.

• Develop and execute detailed remediation plans to align systems with hardening recommendations, ensuring that all security configurations adhere to best practices.

Process Oversight and Continuous Improvement:

• Oversee the hardening and remediation lifecycle, ensuring that all stages from initial assessment to final validation are completed effectively.

• Continuously review and update the hardening processes based on evolving benchmarks and organizational needs.

Stakeholder Coordination:

• Coordinate with internal and external stakeholders to communicate vulnerability findings and remediation strategies.

• Provide expert advice and guidance on vulnerability management best practices.

• Prepare and present reports to IT and senior management on vulnerability trends and remediation progress.

• Collaborate with all Cyber Security teams, findings and requests

Research and Continuous Improvement:

• Conduct independent research to stay informed about new vulnerabilities and emerging threat vectors.

• Evaluate and recommend improvements to vulnerability management tools and processes.

• Develop and refine company policies related to vulnerability scanning and remediation.

Technical Proficiency and Reporting:

• Utilize scripting languages, particularly Python, and APIs to automate scanning and reporting tasks.

• Prepare comprehensive reports and documentation regarding vulnerabilities, remediation actions, and scan outcomes.

• Ensure accuracy and thoroughness in all reporting and documentation.

• Identify and classify assets based on role, location and relevance.

Required Skills and Qualifications:

• Minimum of 3 years of experience in vulnerability management or a closely related field.

• Proficient in using vulnerability scanning tools.

• Strong knowledge of operating systems, Linux, Windows, Cloud, Web application vulnerabilities, and security frameworks.

• Experience with scripting languages such as Python and familiarity with API integrations.

• Demonstrated ability to work autonomously with minimal supervision.

• Excellent analytical, organizational, and communication skills.

• Professional fluency in spoke English with clear articulation.

Preferred Qualifications:

• Relevant certifications.

• Experience in leading projects and coordinating with multiple stakeholders.

• Prior experience in Vulnerability Managment.

• Experience with Scrum\\Agile methodology and sprint-based workflow and process.

What’s In It For You?

• Elective Benefits: Our programs are tailored to your country to best accommodate your lifestyle.
• Grow Your Career: Accelerate your path to success (and keep up with the future) with formal programs on leadership and professional development, and many more on-demand courses.
• Elevate Your Personal Well-Being: Boost your financial, physical, and mental well-being through seminars, events, and our global Life Empowerment Assistance Program.
• Diversity, Equity & Inclusion: It’s not just a phrase to us; valuing every voice is how we succeed. Join us in celebrating our global diversity through inclusive education, meaningful peer-to-peer conversations, and equitable growth and development opportunities.
• Make the Most of our Global Organization: Network with other new co-workers within your first 30 days through our onboarding program.
• Connect with Your Community: Participate in internal, peer-led inclusive communities and activities, including business resource groups, local volunteering events, and more environmental and social initiatives.

Don’t meet every single requirement? Apply anyway.

At Tech Data, a TD SYNNEX Company, we’re proud to be recognized as a great place to work and a leader in the promotion and practice of diversity, equity and inclusion. If you’re excited about working for our company and believe you’re a good fit for this role, we encourage you to apply. You may be exactly the person we’re looking for!

We are an equal opportunity employer and committed to building a team that represents and empowers a variety of backgrounds, perspectives, and skills. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity or expression, sexual orientation, protected veteran status, disability, genetics, age, or any other characteristic protected by law.