Note: The job is a remote job and is open to candidates in USA. JPI Technology LLC is seeking a Senior Security Vulnerability & Incident Analyst for a position that is primarily telework-based. The role involves working with the Vulnerability Management team to identify and remediate information security risks, analyze vulnerabilities, and assist with cybersecurity risk assessments.
Responsibilities
- The Senior Vulnerability Analyst is a key member of the Vulnerability Management team and works with internal and external groups to identify and drive remediation of information security risks
- The ideal candidate will have prior experience analyzing vulnerabilities to determine applicability and impact, reporting vulnerability and risk information to senior leadership, and leading prioritization and remediation strategies in an enterprise environment
- Maintain awareness of critical vulnerabilities and emerging threats that may impact the client
- (Tenable/Nessus, Security Center, Qualys, Wiz, ServiceNow and RBVM for vulnerability management.)
- Serve as a Vulnerability Management Subject Matter Expert (SME) assisting operational teams in understanding criticality of detected vulnerabilities, as well as providing remediation guidance
- Assist with cybersecurity risk assessments, IT audits and/or vulnerability assessments
Skills
- Master's degree in Cybersecurity, Information Security, or a related field with 8 years in Cybersecurity or 14 years in IT, 10 years in IT Security
- 4+ years of experience in information technologies, especially information security, such as security operations and incident response, regulatory compliance or audit, vulnerability management, security engineering or similar experience
- 4+ years of experience with vulnerability management technology, process, and programs
- Experience with vulnerability management and Testing tools, such as Tenable, Wiz, Qualys Rapid7, OWASP 10, Kali etc
- Experience with analyzing output from vulnerability management tools and security penetration tests for the purposes of prioritizing remediation efforts
- Familiarity with security standards and frameworks such as: NIST, PCI DSS, ISO, etc
- Demonstrated leadership, interpersonal and verbal communication skills
- Demonstrated written communication skills
- Expert knowledge of cybersecurity Vulnerability Management techniques, as applied to cloud, data, applications, platforms, operating systems and networks
- A strong working understanding of cybersecurity architectural principles
- Ability to understand technically challenging Common Vulnerability and Exposure (CVE) information and determine importance
- Experience with SIEM tools Information system security, cyber security, computer forensics, insider threat, information certification & accreditation regulations, Federal standards, industry best practices and guidelines
- Experience using SIEM tools like SourceFire, Splunk, NetWitness, Guidance Software, Digital Guardian, Raytheon (SureView), NMAP, Metasploit, Request Tracker, Nagios, Intelliview, Nessus and Foundstone
- Bachelor's (Required)
- Must have interim / Active Secret or TS clearance
Benefits
- Position is currently 100% telework / Remote- 8hrs/day, shift starts from 8am OR 9am.
- Telework with an exception of client visit for emergency meeting or on-site incident
Company Overview