What are the responsibilities and job description for the Jr Vulnerability Assessment Analyst position at Integres?
Job Description
We are looking for a Jr. Vulnerability Assessment Analyst with project lead experience and hands-on engineering experience. The Vulnerability Assessment Analyst will be responsible for the planning, implementation, maintenance, and support of the vulnerability management program for a state-level department of IT, Security Assessment Function.
Duties and Responsibilities :
- Daily oversight of vulnerability management program
- Serve as liaison between Security Assessment and Security Operation Center (SOC) functions on matters pertaining to vulnerability scanning for security assessment efforts
- Plan, execute, monitor, control, and successfully close vulnerability management projects / tasks
- Configure and schedule patch and secure configurations audit scan jobs (vulnerability scans)
- Maintain configurations of patch and secure configurations scan jobs, i.e., asset lists, scan plugins, STIGs audit files, CIS Benchmarks audit files, and scan credentials
- Troubleshoot and resolve failed patch and secure configurations scan jobs, i.e., missing credentials, asset list updates, firewall issues
- Analyze patch and secure configurations audit scan results and identify and document technical and procedural vulnerability findings
- Research resolution strategies / measures for identified vulnerability findings and provide remediation / mitigation recommendations
- Identify false positive findings and determine and advise on the criteria for validating the findings i.e., required artifacts
- Prepare vulnerability management reports on the status of patch and secure configuration audit scans and associated remediation efforts
- Communicate status vulnerability management efforts to include regular scheduled reports and as well as ad hoc reports
- Ensure the vulnerability management platform maintains updated versions of secure configurations scans audit files i.e., proprietary vendor audit files, STIGs audit files, CIS Benchmarks audit files
- Ensure that vulnerability management services are operating as expected i.e., completeness of the of each scope scan jobs, timely completion of scan jobs, up-to-date patch audit plugins
- Ensure proper functioning of integrations between the vulnerability management platform and other tools such as asset management and risk management platforms
- Ensure and data updates from vulnerability management platforms to asset management and risk management platform are running as scheduled
- Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
- Development and implementation operational and technical vulnerability management policies
- Defining, developing, implementing, and processes and procedures for to support and maintain vulnerability management program
Qualifications : Qualifications
Education and Years of Experience :
Required Skills / Certifications :
Additional Information
Integres offers competitive salaries bolstered by a comprehensive benefits package, which provides safety and security for our employees and their families. Our generous benefits package includes :
Integres is an equal opportunity affirmative-action employer. We encourage Minority / Female / Protected Veteran / Disabled applicants to apply. Integres, LLC proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime, or Campaign Badge Veteran, Armed Forces services Medal, or any other characteristic protected by law.
All your information will be kept confidential according to EEO guidelines.
