Vulnerability and Threat Management Analyst - Prove Denver, Colorado, United States Bookmark Share Print 45 0 0

Listing Description

The Vulnerability and Threat Management Analyst is an essential part of protecting, assessing, and monitoring the organization’s assets. This role has direct input into how the Information Security program prevents security incidents. In this role, you will be responsible for configuring vulnerability and threat intelligence scans, researching the latest threats, conducting risk assessments, coordinating remediation of identified risks, performing penetration testing and reporting on compliance. You will track the status of the program, working with partners throughout the company to ensure systems are implemented successfully and vulnerabilities are remediated inline with policies. Partnering with analysts, architects and engineers (for on-prem & in-cloud solutions) is necessary to identify, assess, and remediate cyber threats and risks. Problem solving and analytical skills is a major component of this role, along with understanding the organization’s systems and helping to configure the best security posture. Staying up to date with the latest security standards and security products is a must. Additional responsibilities include, developing and maintaining policies and participating in Incident Response.


Responsibilities


As a member of the Information Security team, the Vulnerability and Threat Management Analyst will:



  • Oversee Prove’s Vulnerability and Threat Management Programs responsible for identifying, reporting and remediating vulnerabilities and threats in cloud, enterprise and infrastructure systems.

  • Work with Security Analysts to monitor day-to-day operations and security solutions.

  • Review logs and reports of devices, virtual tools and other security tools.

  • Triage and escalate high risk and zero day exploits and provide remediation recommendations.

  • Work within the Security Development Life Cycle to: design, build, and maintain security in COTS and in-house developed systems.

  • Identify potential threats within architectures and designs to ensure alignment of Information Security policies with new solutions.

  • Act on alerts from Threat Intelligence and DLP solutions, which can include end user training on safe practices.

  • Guide teams within the organization through security related processes required for regulatory compliance and best practices.

  • Identify, report, and assign risk to discovered vulnerabilities.

  • Coordinate updating and patching of software and systems based on pre-defined SLA’s.

  • Work with Prove’s Security Operations Center responding to alerts and monitoring for security incidents.

  • Assess a system’s ability to defend against, respond to, and recover from cyber and social engineering attacks.

  • Hold teams accountable for SLA obligations, which can include escalation of issues in a timely fashion.


Education & Experience



  • Must have:

    • Four to Seven (4 - 7) years of related experience, specifically in Engineering/IT Operations, Security Operations, Vulnerability Management, and/or Incident Response.

    • A bachelor’s degree or equivalent.

    • Hands on experience with Vulnerability Scanning & Management tools (Nexpose, Tenable, Prisma Cloud, Kenna Security).

    • Hands on experience with SAST, DAST, SCA and DLP tools.

    • Hands on experience testing application, OS, system and cloud vulnerabilities.

    • Understanding of PCI DSS, HIPAA, SOC 2 Type 2 and NIST requirements and policies.

    • Understanding of a Security Development Life Cycle.

    • Knowledge of Incidence Response policy, process, and execution.

    • Ability to communicate network, cloud and system security issues to fellow analysts and engineers.




Demonstrate the ability to learn and develop as a self-starter requiring little direction.


 The salary range for this role for Denver, Colorado only is $85,000 - $105,000. Offered salary will be determined by the applicant’s education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.


This position is eligible to participate in the annual incentive program.  Prove’s Benefits include but are not limited to:

-Excellent health, dental, and vision insurance that begins on your first day of employment

-401(k) plan with company match

-Unlimited vacation time 


This position description should not be considered the final description of the position. It should be assumed that we would, to some extent, structure responsibilities in accordance with the successful candidate’s capabilities and changing business conditions.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765