Security Analyst, Vulnerability Management - Thermo Fisher Scientific Inc. Frederick, MD, United States Bookmark Share Print 520 2 9

Listing Description

The Vulnerability Management Infrastructure Specialist will be working closely with the Cyber Security Program Manager – Vulnerability Management to support multiple stakeholders through the vulnerability management process. He/she will be responsible for maintaining configuration items and executing functions on the vulnerability management platform, which includes but not limited to scans in support of regulatory guidelines and proactive vulnerability detection. The person will be responsible for composing essential documentation (procedures, scanning reports, remediation reports, etc.), providing analysis and metrics on vulnerabilities, and driving remediation of vulnerabilities throughout the organization. The ideal candidate is very detailed oriented with strong written and oral communication skills as well as an intermediate technical background.

http://jobs.thermofisher.com/ShowJob/Id/67242/Security-Analyst,-Vulnerability-Management/

Please apply directly via our site. Link shown above.Key Responsibilities:

Oversee the development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support;

Drive automation of vulnerability management platform and processes;

Understanding of infrastructure and cloud vulnerability scanning;

Basic understanding of how to classify and prioritize the risk of new vulnerabilities based on the company’s environment;

Maintain metrics and reports on vulnerability findings and remediation compliance;

Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams;

Provide technical support to business/system and technology owners to propose mitigation and remediation solutions to identified issues;

Assist with routine compliance and audit functions to ensure regulatory scanning requirements are satisfied;

Document and report on processes and procedures;

Provide input to the department’s leadership for enhancing the vulnerability management strategy;

Stay current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities;

Develop infrastructure and cloud vulnerability expertise to function as subject matter expert in multiple technical or business disciplines; and

Develops strong partnerships with business clients, software vendors and other technical resources;

Provide assistance to the Cyber Security Program Manager – Vulnerability Management as directed.

Minimum Requirements/Qualifications:

AA or High School Diploma with 5+ years in IT Operations or Security Operations preferred

3+ Years of Information Security Experience, working with Vulnerability management tools;

Sec+, SSCP, GIAC Security Essentials, and other security related certifications a plus;

Strong knowledge of threats and vulnerabilities associated with cloud, and network security;

Sense of urgency to address new technologies being deployed;

Demonstrated ability to work effectively in an ambiguous environment;

Strong oral and written communications skills;

Strong analytical and problem-solving skills and proactive thinking skills;

Basic level familiarity with Enterprise Vulnerability Management tools such as Rapid 7 InsightVM, Nessus, Qualys, Blackduck, and Fortify;

Basic level familiarity with Cyber Security Regulatory Compliance bodies such as PCI, SOX, ISO27001, and others to be defined.

Non-Negotiable Hiring Criteria:

Strong attention to detail, organizational skills, time management

Excellent verbal and written communication skills

The ability to interact professionally with a diverse group: executives, managers, and subject matter experts

The ability to take direction and independently work through projects as required.