Analyst, IT Vulnerability Management

Company: Saxon Global
Location: Fort Worth
Posted on: May 27, 2023

Job Description:

Specifically, youll do the following:
--- Performs discovery scanning via the Vulnerability Management Platform (scheduled and ad-hoc)
--- Provides gap analysis to compare the list of known resources so gaps can be investigated and owners identified
--- Identifies resource types (e.g. router, desktop computer, server, network switch, firewall, etc.), operating systems, and whether active services are "Enterprise" level
--- Tracks via remediation management system and provides a wiki-style format to capture recommendation, analysis and facts, and links to other research
--- Populates data visualization tool (such as Tableau, Brinqa, and Hygieia) for reporting vulnerability metrics by system and owner
--- Researches vulnerabilities to determine attack vectors and possible vulnerable targets and launches specific scans and reports for that vulnerability in VM scanning tool(s).
--- Coordinates with business, IT teams, and Technology Risk Management (TRM) to remediate compliance findings in a timely manner while addressing risk reduction objectives
--- Defines, manages, and measures security configuration baselines in line with internal policies/standards and CIS benchmarks
--- Defines and manages cloud specific technical security policies (CSA security guidance)
Qualifications
Required Qualifications
--- Bachelors degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
--- 3 years of hands-on technical security engineering experience
--- Certifications: CISSP, CISM, CISA, CEH, GCIH, GSEC, GCFA, GREM, CCENT
--- Ability to install, configure, troubleshoot, and administer VM Platform(s). (Ex.Tanium, Tenable, Coverity, Brinqa, etc.)
--- Experience with Tanium programming or creating custom configurations within Tanium
--- Experience with dynamic and static code analysis experience (e.g. QualysWAS, SAST tools, Tenable)
--- Experience with security configuration checklists (e.g. CIS Benchmarks and CSA security guidance)
--- Familiarity with NIST Special Publications (e.g. 800-171,800-53, CSF)
--- Familiarity with PCI DSS Compliance standards and scanning practices
--- Ability to code and script Python, SQL, BASH, or PowerShell
--- Ability to configure and use technical assessment tools such as Tanium Comply and Tenable Nessus
--- Deep understanding of the technical architecture of IT systems built using Windows, UNIX, Linux, Solaris, VMware, Citrix, Oracle, and MySQL platforms
--- Experience and knowledge in cloud and Kubernetes environments. (Azure Kubernetes Service, IBM Kubernetes service, Oracle Cloud Infrastructure, etc..)
--- Experience in DevOps Toolchain methodologies, including Continuous Integration and Continuous Deployment
Preferred Qualifications
--- 5+ years of hands-on technical security engineering experience
--- Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups; strong
--- presentation and technical documentation skills
--- Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills
--- Ability to work well within a team environment, as well as independently
Required Skills : Word
Basic Qualification :
Additional Skills :
Background Check :Yes
Drug Screen :Yes
Notes :
Selling points for candidate :
Project Verification Info :
Candidate must be your W2 Employee :Yes
Exclusive to Apex :No
Face to face interview required :No
Candidate must be local :Yes
Candidate must be authorized to work without sponsorship ::No
Interview times set : :No
Type of project :
Master Job Title :Misc: Non-Technical
Branch Code :Ft. Worth

Keywords: Saxon Global, Fort Worth , Analyst, IT Vulnerability Management, Executive , Fort Worth, Texas