Browse Jobs
For Employers
Post JobLog inGet Started

Vulnerability Management Analyst

Master Linux
Downtown, Cairo
Posted 4 years ago
13Applicants for1 open position
  • 13Viewed
  • 5In Consideration
  • 4Not Selected
Search other opportunities

Job Details

Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:

Skills And Tools:

Job Description

Master Linux is recruiting for one of big banks in Egypt an experienced Vulnerability Management Analyst & Security Controls Assessor. This is a hybrid job combining vulnerability management analysis and security controls assessments, which will involve a variety of assessment and analysis duties, including:
 

Responsibilities:

Perform vulnerability assessment scans on a daily basis against:

  • Host-based (various operating systems, virtual, networking components)
  • Web Applications (Apache, IIS, Nginx)
  • Code Reviews (.NET, Java, Jscript, C++, etc.)
  • Perform analysis of scan results to determine applicability on a daily basis.
  • Provide remediation guidance to system owners and stakeholders on a daily basis.
  • Use expertise to provide mitigation strategies to help remediate vulnerabilities on a daily basis.
  • Continually maintain the health of vulnerability scanning tools and ensure they are operating as expected on a daily basis.
  • Review scan results from various tools and incorporating those results in the System Assessment Report (SAR).
  • Work with vulnerability scanning tool support engineers to identify, troubleshoot, and remediate issues on a daily basis.
  • Perform compliance scans against defined HRSA baselines on a weekly basis or as needed.
  • Provide process improvement recommendations for day-to-day operations.
  • Provide recommendations to system owners and information system security officers (ISSOs) for remediating vulnerabilities.
  • Provide support to the Incident Response and Investigation Teams when called upon.
  • Provide occasional training of vulnerability management tools to stakeholders.
  • Write supporting documentation of vulnerability management processes and procedures.
  • Work with the HRSA Risk Management team to determine risks to the system based on vulnerability results and compensating or mitigating controls in place.
  • Help manage the risk management (RM) team in reviewing documents from customers and interactions with customers on behalf of the team.
  • Perform security control assessments (full and annual assessments) and develop assessment-related documentation (e.g., SAP, SAR, POA&Ms).
  • Review POA&M weaknesses prior to closure to ensure remediation.
  • Perform tool upgrades, updates, and patches as necessary.
  • Develop vulnerability reports and dashboards, in order to provide new insight into existing vulnerabilities.
  • Implement various levels of automation among tools in the SOC’s cyber security ecosystem and/or the HRSA IT Infrastructure to improve the effectiveness and efficiency of vulnerability management.
  • Conduct baseline configuration compliance scanning and work with system administrators to correct configuration issues to ensure compliance with agency configuration requirements.

Job Requirements

  • Minimum of 5 years of experience in both vulnerability management as well as security control assessments
  • Experience writing Security Assessment Reports (SARs) for documenting security assessment results
  • Experience reviewing scan results from various tools and incorporating results in in the security assessment process.
  • Experience providing recommendations to system owners and ISSOs for remediating vulnerabilities.
  • Position requires technical knowledge in computer network theory, IT standards and protocols, as well as an understanding of the lifecycle of cyberspace threats, attack vectors, and methods of exploitation.
  • Experience with vulnerability assessment and reporting including comprehensive understanding of Vulnerability Management methodologies and procedures.
  • Experience implementing, managing or governing security technologies, including vulnerability scanning tools (Nmap, Openssl, Nessus, BigFix, or similar vulnerability scanning tools) is required.
  • Operating system concepts - experience with both Windows and Linux environments.
  • Static code scanning experience preferred but not required.
  • Bachelor's degree in IT or related field

Featured Jobs

Similar Jobs

Search other opportunities
JobsIT/Software DevelopmentVulnerability Management Analyst