Vulnerability Management Analyst II
The Judge Group Inc.

Newport Beach, California

Posted in IT


This job has expired.

Job Info


Location: Newport Beach, CA
Description: Our client is currently seeking a Vulnerability Management Analyst II

Job Description:

Responsibilities

  • Ensure our ability to identify, assess, prioritize and report on the organization's vulnerabilities.
  • Assess vulnerabilities to determine applicability and risk to the org.
  • Coordinate meetings with Divisional IT Operations staff to provide actionable security guidance in order to improve vuln remediation.
  • Partner with Divisional IT Operations staff to gain visibility of non-VM run tooling (Configuration Management, SAST, etc.) so that we can report on remediation of identified vulns.
  • Work with outside vendors to coordinate security testing such as penetration tests. Interpret findings and work with internal stakeholders to resolve.
  • Research and recommend design and implementation of new(er) security technologies and capabilities such as VM scanning integration into CI/CD pipeline, containerization security, IAST, RASP, adversary simulation, etc.
  • Administer Vulnerability Management tooling such as Qualys, Kenna, etc.
  • Mentor and assist other Vulnerability Management staff.
  • Partner with internal security teams (SOC, Sec Engineering, GRC, etc.) regarding ways to detect or block exploitation.
  • Automate repetitive processes within the service.

Factors for Success
  • 5+ years of experience in Information Security.
  • 2+ years of experience working as part of a Vulnerability Management team.
  • The ability to serve as a subject matter expert (SME) regarding threats and vulnerabilities.
  • Strong knowledge industry standards and guidelines regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Open Web Application Security Project (OWASP), and VM Maturity Models
  • Understand and be able to translate to a non-technical audience, penetration test findings, impact and recommendations.
  • Relevant professional certifications such as SANS GEVA/GPEN, CISSP and/or equivalent professional experience, education or skills.
  • Experience with Vulnerability Management tools such as Qualys, Kenna, CloudGuard, SonarQube, JFrog/XRay, etc.

Skills:
  • Experience with Vulnerability Management tools such as Qualys, Kenna, CloudGuard, SonarQube, JFrog/XRay,
  • Experience working on a vulnerability management team performing vulnerability scanning, configuration management, penetration testing, etc.

Nice To Have
  • DAST
  • IAST
  • Penetration Testing
  • RASP
  • SAST
  • Vulnerability scanning integration into CI/CD pipelines
  • Vulnerability scanning of container technologies
Contact: agamino@judge.com

This job and many more are available through The Judge Group. Find us on the web at www.judge.com


This job has expired.

More IT jobs


American Cybersystems, Inc.
Albany, New York
$57.69 - $72.11 per hour
Posted about 2 hours ago

American Cybersystems, Inc.
Holly Springs, North Carolina
$30.00 - $33.00 per hour
Posted about 1 hour ago

American Cybersystems, Inc.
Charlotte, North Carolina
$33.00 - $36.00 per hour
Posted about 1 hour ago

Get Hired Faster

Subscribe to job alerts and upload your resume!

*By registering with our site, you agree to our
Terms and Privacy Policy.