Senior Vulnerability Mgmt Analyst
Senior Vulnerability Mgmt Analyst
Job Number: 20-01439
Make an impact in Media! Eclaro is looking for a Senior Vulnerability Mgmt Analyst to support our client in Burbank, CA.
Eclaro’s client is a global media company and leader in digital content production. Their portfolio of networks include some of the best known brands in news, sports and entertainment. If you’re up to the challenge, take a chance at this rewarding opportunity.
- Responsible for implementing, configuring and maintaining vulnerability and compliance scanning tools
- Conduct scheduled and ad hoc application and system scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and communicate findings effectively
- Ensure data flows are maintained between internal tools and enterprise wide reporting dashboard
- Develop and manage scanning/profiling tools and automated tasks
- Perform and post results of scheduled and on demand vulnerability assessments
- Provide technical feedback on proposed solutions to identified vulnerabilities
- Interface with vendor support teams to keep abreast of developments in product lines
- Research security testing tools, techniques, and processes
- Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities
- Recommend approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes
- Monitor team mailbox and ticketing system to ensure proper steps are taken for all identified vulnerabilities and support of the security operations center (SOC)
- Promote collaboration with our stakeholders and Red Team researchers to prioritize the remediation of vulnerabilities and close potential attack vectors
- Understand asset criticality and the identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected
- Develop the vulnerability reports and score cards that define current state of the corporate network security risk posture
- Mentor and train more junior staff in vulnerability management and awareness. Prioritization of vulnerabilities, attack techniques, tool/exploit development, intelligence analysis and adversarial tactics
- Work closely with Security Incident Response Team and Architecture team members to help improve the team's abilities in Detection, Prevention and Response capabilities
- Work with business leaders and other ISO staff to prioritize vulnerability findings for remediation
- 4+ years of cyber security experience specifically working in Vulnerability Management
- 4-6 years of technology experience
- Ability to utilize best in class practices and determine best remediation path
- Advanced level knowledge of security algorithms, protocols and standards
- Advanced level knowledge of Windows and two or more of the following operating systems; *NIX, OS X, iOS, etc.
- Demonstrated knowledge of OWASP and SANS testing methodologies, and related tools such as Qualys, Splunk, AlertLogic, Burp, nmap, Metasploit, etc.
- Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel) and other standard (Customer specified) applications
- Demonstrated knowledge of TCP/IP protocols, network analysis, and network/security applications
- Demonstrated experience with scripting languages, such as PowerShell, Python, Bash, PHP, etc.
If hired, you will enjoy the following Eclaro Benefits:
- 401k Retirement Savings Plan administered by Merrill Lynch
- Commuter Check Pretax Commuter Benefits
- Eligibility to purchase Medical, Dental & Vision Insurance through Eclaro
If interested, you may contact:
Chris Sta Juana
Chris Sta Juana | LinkedIn
Equal Opportunity Employer: Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.