Vulnerability Analyst Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the vulnerability analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

A Reilly

Antonette

Reilly

3709 Schuppe Isle

Houston

+1 (555) 606 0094

3709 Schuppe Isle

Houston

Phone

p +1 (555) 606 0094

Experience Experience

Philadelphia, PA

Vulnerability Analyst

Philadelphia, PA

Beahan-Hermiston

Philadelphia, PA

Vulnerability Analyst

Guiding the development of information security standards, guidelines, and policy
Knowledge of industry standard scoring models such as CVSS, CCSS
Provide technical consultation on application design, architecture and system performance, and evolving technologies
Conduct research on and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, network security, and encryption
Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions for standards such as PCI, ISO 27001 and CoBIT
Responsible for identifying and classifying cyber security vulnerabilities and work on mitigation plans with system owners, ensure plans are documented understood and track the results of the plan execution
Provide analytical support to critical infrastructure incident response activities led by the Department of Homeland Security (DHS), Office of Cyber and Infrastructure Analysis (OCIA), Analysis Section

Philadelphia, PA

Threat Intelligence & Vulnerability Analyst

Philadelphia, PA

Borer and Sons

Philadelphia, PA

Threat Intelligence & Vulnerability Analyst

Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
Help build/improve an exception process to manage policy compliance deviation
Perform policy compliance scans and deliver reports to the technology owners
Work with technology owners to validate the policy compliance profiles Review the policy compliance scan results with stake holders
Onboard the assets for target technologies in enterprise security tool
Knowledge of scripting languages like python and Perl

present

Boston, MA

All Source Threat & Vulnerability Analyst

Boston, MA

Osinski, Gutmann and Jaskolski

present

Boston, MA

All Source Threat & Vulnerability Analyst

present

Perform research and conduct assessments of emerging threats
Perform all source threat analyses of threats to DC&MA's assets and programs
Utilize a structured analytical process to identify physical, information, personnel, and operational protection gaps that could provide an adversary with insights into CPI/critical information
Assist in the valuation and prioritization of assets based on the consequence of loss
Performs other security related duties as directed
Ensure compliance in accordance with National Industry Security Program DoD 5220.22-M
Assist in the integration of assessment of assets, threats and vulnerabilities and assists in weighing the calculated risk against the projected cost of security

Education Education

Bachelor’s Degree in Mechanical Engineering

Columbia University

Bachelor’s Degree in Mechanical Engineering

Skills Skills

Wide knowledge of application and IT product diversity, interoperability, and extensive knowledge in IT security
Knowledge of vulnerability attack methods, exploit results, attack chains
Highly motivated self-starter with ability to multitask and complete assignments within time constraints and deadlines
Strong work ethic and ability to effectively multi-task in a fast paced support environment
Professionalism, dependability, integrity and trustworthiness combined with a cooperative attitude
Knowledge of penetration testing concepts and tools
Experience with vulnerability scanning tools
Knowledge of network routing and switching
Knowledge of interrogating networks
Experience with the Palantir platform highly desired

Create a Resume in Minutes

15 Vulnerability Analyst resume templates

Read our complete resume writing guides

Vulnerability Analyst Resume Examples & Samples

Experienced with modeling and simulation
Experience with MathWorks MATLAB
Experience with computer programming, including Matlab
Experience with engineering or physics
1+ years of experience with computer-aided design (CAD) software packages, including SolidWorks
Knowledge of FORTRAN programming a plus
Knowledge of Linux and other UNIX-based systems preferred

Vulnerability Analyst Resume Examples & Samples

This role can be located in our Stamford, Chicago, and Alpharetta office or remote
Analyze vulnerability test reports and suggest remediation / mitigation plan. Includes ability to prioritize process and reporting enhancements
Use and/or enhance metrics to track the performance and efficiency of the VM (vulnerability management) effort
Coordinate, manage and conduct network vulnerability tests and remediation with end users; and participate in dynamic/static application code scans/assessments
Determine deviations from acceptable configurations, enterprise or local policy
Keep track of new vulnerabilities on various network and infrastructure components
Utilize both manual methods and automated tools to identify and remediate vulnerabilities
Provide technical consultation on application design, architecture and system performance, and evolving technologies
Conduct research on and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, network security, and encryption
Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions for standards such as PCI, ISO 27001 and CoBIT
Bachelor’s degree with a minimum 2 years of Information Technology and/or IT security related experience in software security testing, application security architecture, operating system, network, database OR High School Diploma/GED with a minimum of 4 years IT and/or IT security related experience in software security testing, application security architecture, operating system, network, database
Minimum 2 years of experience with ticket tracking with tools such as ServiceNow or Remedy
A minimum 2 years of experience performing penetration tests using automated security tools and manual techniques
Experience of Network Security technology in areas of Firewall, IPS, VPN, gateway security solutions (proxy, web filtering)
Experience with VM scanning using tools such as Qualys, WebInspect, AppScan, Burp Suite, Nessus, NMAP, Veracode and Fortify
Experience with Unix and Windows platforms
Results driven, strategic, conceptual, and innovative thinker
Understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database
Knowledge of databases such as Oracle, DB2, MS-SQL
Programming knowledge of .Net/Python/Perl and strong knowledge of HTML/JavaScript/CSS
One or more relevant security certifications (e.g. GCIA, GSNA, GCIH, CEH, GIAC)
Highly analytical, vision and strong problem solving with a common sense approach to resolving problems
Demonstrated ability to clearly define complex issues despite incomplete or ambiguous information

Vulnerability Analyst Resume Examples & Samples

Intermediate to advanced technical knowledge of, and the ability to recognize, various types of security vulnerabilities
Broad experience across a variety of platforms and operating systems such as Windows, Linux, UNIX, and OS X
Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, wireshark, Nessus, NeXpose, BackTrack, Metasploit, AppScan, WebInspect, Burp Suite, etc
Proficient in network security and patch management
Proficient in network security architecture
Intermediate to advanced knowledge of TCP/IP networks, ports, protocols, and infrastructure setup
Intermediate to advanced knowledge of web server software, including Microsoft IIS and Apache web servers
Intermediate to advanced knowledge of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
Understanding of web frameworks, including XML, SOAP, JSON and Ajax
Proven analytical and problem solving skills, as well as the desire to assist others in solving issues
Highly motivated with the willingness to take ownership / responsibility for their work and the ability to work alone or as part of a team
Understanding of C, C#, PHP, and Java
Working knowledge of ethical hacking methodologies such as Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Penetration Testing Execution Standard (PTES), and/or Penetration Testing Framework
A minimum of 8 years of IT experience is required
2+ years of hands-on, dedicated vulnerability management/ penetration testing / ethical hacking experience / red team
CISSP, CEH, GCIH, or other security related certification

Vulnerability Analyst Resume Examples & Samples

Configure vulnerability scans, tailored to specific client requirements
Analyze and understand results to determine existence of security vulnerabilities and identify false positives
Liaise with ISSO and SIRT for proper Risk scoring
Produce vulnerability assessment reports and distribute to IT Support teams (for remediation)
Provide feedback on operational and procedural documentation as required
Consult with other Internal Areas (roles & responsibilities) as required
Develop briefing documents for management concerning security posture
Demonstrate knowledge of IT Security (ITS) interoperability, connectivity and integration issues related to distributed or centralized IT infrastructures
Understand industry’s current direction as it relates to IT Security, and ensure progressing in accordance to both industry’s direction as well as the Government of Canada’s direction
Supporting member as required to the Bell MSSO SIRT (Security Incident Response Team)
Develop weekly, monthly status reports as required
A Government of Canada Security Clearance of Secret (Level II) or above is mandatory
Minimum of 5 years professional work experience which must be directly related to the development of information security solutions and/or the analysis of information security event logs, vulnerabilities etc
Experience in conducting vulnerability assessments
Experience in managing and operating IT infrastructure with hands on experience on Firewall’s, VPN and other Security appliances
Analyze IT solutions and technology infrastructure in order to identify and assess security vulnerabilities, threats, and risks
A security based professional qualification desirable (e.g. CISSP, CISM, CISA)
Think analytically and synthesize technical information from various sources
Write detailed technical reports and recommendations in clear language
Adapt to a changing environment and manage priorities
Bilingual in French and English would be a strong asset

Citi Infrastructure Vulnerability Analyst Resume Examples & Samples

Deep understanding of OSI model
Web development and programming or scriptinglanguages i.e. Python, Perl, Ruby, Java, and/or .Net
Knowledge of tools and processes used to expose common vulnerabilities and implementcountermeasures
Backgroundin a similar role
Being familiar with reverse engineering techniques

M HIS Threat & Vulnerability Analyst Resume Examples & Samples

Analyze cyber threats, vulnerabilities and provide remediation plans
Coordinate with the Incident response teams participating in major and critical security incidents
Perform detailed analysis of the threat including attacker’s capabilities, intentions, motives, tactics, techniques, tools and apply the knowledge to response activities
Ability to conduct vulnerability assessments and penetration testing Provides project
Create scripts and utilities to automate vulnerability scans, analysis and other tasks
Bachelor’s degree or higher from an accredited university
Minimum of one (1)+ years of experience with security tools Example (Nessus, KALI Linux, Metasploit) Course work included
Minimum of one (1)+ years of experience supporting hosted and virtual environments (course work included)
Cloud Security Experience
Incident management, escalation and forensic experience

Vulnerability Analyst, Senior Resume Examples & Samples

5+ years of experience with vulnerability research
Experience with C programming in contemporary Windows or Linux software development environments
Experience with reverse engineering Windows applications and Windows kernel modules using IDA Pro, OllyDbg, Windbg, and others
Experience with implementing cryptographic algorithms
Experience with developing Windows device drivers

Vulnerability Analyst Resume Examples & Samples

8+ years of experience with Tenable Nessus, NMAP, eEye Retina, or other scanning tools, SIEM platforms, performing use case development, engineering support, and SIEM architecture development and implementation
Experience with multiple operating systems, including Windows and Linux-based OS and basic scripting and programming skills in Java, C++, Visual Basic, or other languages required
MS degree in CS, Information Systems Management, Information Security, or Engineering
CEH, CISSP, CAP, SANS GSEC or GCIH, CCNA, or Security+ Certification

Acas Vulnerability Analyst, Mid Resume Examples & Samples

2+ years of experience with IT, including in a network operations center supporting a large-scale IT network
Experience with designing, documenting, implementing, maintaining, and updating the ACAS tool suite, including Nessus scanners, PVSs, and Security Center
Experience with implementing STIGs
DoD 8570.1M IAT III Certification, including CASP or CISSP or Security+ CE Certification with an additional 1 year of experience with Cybersecurity
Experience with Microsoft Office Word, Excel, PowerPoint, and SharePoint
Experience with DoD and Marine Corps Cybersecurity clients
Knowledge of the Information Technology Infrastructure Library (ITIL) framework and employing its processes and procedures to enhance service delivery
BS degree in a technology field preferred

Vulnerability Analyst Resume Examples & Samples

Bachelor’s Degree and a minimum of 5 years’ experience required for the level 3 role
Bachelor’s Degree and a minimum of 9 years’ experience required for the role 4 role
Active Top Secret Security Clearance with SCI eligibility is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment
Experience with technical operation and administrative leadership in support of cyber vulnerability assessments
Windows and UNIX operating systems support experience required
Vulnerability assessment and troubleshooting experience required
Cyber Security integration
CISSP certification

Threat & Vulnerability Analyst Resume Examples & Samples

Work with the Threat and Vulnerability Manager and the Security Operations team to develop and maintain a threat and vulnerability intelligence process that monitors for emerging systems vulnerabilities and cyber threats
Produce weekly and monthly security reporting relating on the Threat and Vulnerability Management services
Collect, aggregate, synthesize, analyse and report on data from multiple sources and formats. Visualisation of data from the issue management tool into management reports
Creation and Collection of new data into fields, workflows, issue types within the issue management tool
Creation of standardised daily reporting processes from the data sets

Vulnerability Analyst Resume Examples & Samples

Responsible for identifying and classifying cyber security vulnerabilities and work on mitigation plans with system owners, ensure plans are documented understood and track the results of the plan execution
Bachelor's degree and 4+ years of experience in cyber security. Additional experience or certification may be considered in lieu of degree
Experience in planning mitigations for systems vulnerabilities
Strong communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel and third parties

Vulnerability Analyst, Junior Resume Examples & Samples

Experience with modeling and simulation
Experience with computer programming, including MATLAB
1+ years of experience with Computer-Aided Design (CAD) software packages and SolidWorks preferred
Experience with NX, Pro-E, SolidWorks, or CATIA computer-aided design packages
BS degree in Mechanical Engineering

Vulnerability Analyst Resume Examples & Samples

Operating appropriate vulnerability monitoring tools sets
Analyse results/events from the monitoring tools sets and assess the risk
Carry out analysis to determine the root cause of events, and to provide incident response and reporting in support of operational effectiveness
Analyse virus scanning results and manage/investigate malware outbreaks
Conduct security testing throughout the IS environment, including testing of external portals used by the company
Identify key vulnerabilities and patches from external sources and prioritise vulnerability implementation
Provide security sign off and governance for security devices in the IS environments, including changes to all security devices such as IDS and firewall changes
Support client facing / end user helpdesk and other IT Support Team’s
Responsible to the Head of CSOC for the day-to-day aspects of the various Monitoring tool sets within the ITO managed services network environments
Identify service inadequacies and contribute to the Customer Service Improvement Plan
Maintain an understanding of current and emerging threats and vulnerabilities and security technology developments
Assist in the development of an end-to-end vulnerability process, including reporting of vulnerabilities and escalation of critical vulnerabilities
Candidate will need to become familiar with, adhere to and ensure implementation of all Thales security policies and standards and the change control environment
Ensuring support tickets are fully updated with the most current data. Provide proper escalations and handoffs to management and support staff
Ability to understand business issues and context, with the ability to dive deeply into technology issues, integrate business information and understand the critical role of securing the information system in the organisation
Thorough Data analysis experience and skills
Knowledge of interrogating networks
Experience working within a team environment Working within a team
Some experience either working in a military security background, IT forensics skills and training or a Traditional IT security type role
Hands on Operational Experience with vulnerability management tools

RTB Vulnerability Analyst Resume Examples & Samples

Support Head of RTBVM with Vulnerability Management and Remediation. Deliver prioritised remediation initiatives in line with the team’s objectives
Facilitate in risk and vulnerability assessments of applications and systems to ensure technical vulnerabilities are identified and correctly managed
Ensure that security issues identified during RTB activities are managed, and where appropriate ensuring that RTB vulnerabilities are progressed to BTB projects to ensure appropriate governance to remedial actions
Assist Risk Owners to accurately assess the likelihood and impact of technical vulnerabilities
Provide accurate and timely data for technical vulnerability reports as per approved standards and processes
Prepare intelligent management information sets for the vulnerability exposure position of the production and disaster recovery environments
Articulation of security risk exposure to Run The Bank stakeholders
Provide input to Security Solutions for the creation and update of Secure Builds and Secure Building Blocks
Collaborate with GIS Red Team to capture and oversee the remediation of identified security weaknesses, ensuring these are delivered as BTB project activities where appropriate and adherence to required change governance
Facilitate in the management of non-compliances to Information Risk Standards and Policies for the RTB teams on security issues identified
Facilitate in root cause analysis for wide scale vulnerabilities
IT expertise coupled with understanding of financial services and impacting laws and regulations
Understanding of principles, practices, and techniques related to IT Security
Knowledgeable about existing best practices for integration of security controls
Understands security controls from a people, process and technology perspective. Experienced at implementing or managing risk management processes and tools
Deliver results which add value
Working towards security qualification (CISSP or CISM, Security Testing, Ethical Hacker Certification Preferred)
Relationship, communication and stakeholder management skills
Working in a team and task prioritisation with a focus on delivery
Strong Written and Verbal language skills

Vulnerability Analyst, Junior Resume Examples & Samples

1+ years of experience with Computer
Aided Design (CAD) software packages and SolidWorks preferred
Experience with NX, Pro
E, SolidWorks, or CATIA computer
Aided design packages
Knowledge of Linux and other UNIX
Based systems preferred

Vulnerability Analyst Resume Examples & Samples

Forecasts the effectiveness of proposed countermeasures and evaluates their actual effectiveness after they are implemented
Develops a strategy to address the most serious potential problems first
8+ years’ relevant experience with Bachelor’s degree

Vulnerability Analyst Resume Examples & Samples

Minimum of 1 year experience with enterprise scanning tools
Minimum of 1 year experience with various Linux, Windows, and BSD-based operating systems
In-depth knowledge of system configuration baselines
CompTIA Security+ Certification Required
CISSP or CEH Certification

All Source Threat & Vulnerability Analyst Resume Examples & Samples

Perform all source threat analyses of threats to DC&MA's assets and programs
Perform vulnerability analyses of DC&MA's assets and programs
Perform research and conduct assessments of emerging threats
Develop threat and vulnerability briefings
Perform and oversee research of special topics that may arise coincidently to the technical assessments, and prepare structured studies and analyses as appropriate. Prepare synopses, briefings, and summaries of analyses as required
Assist in the process of selecting and implementing security countermeasures to achieve acceptable levels of risk at an acceptable cost
Assist in the integration of assessment of assets, threats and vulnerabilities and assists in weighing the calculated risk against the projected cost of security
Assist in the valuation and prioritization of assets based on the consequence of loss
Ensure compliance in accordance with National Industry Security Program DoD 5220.22-M

Vulnerability Analyst Resume Examples & Samples

Performing vulnerability watch and processing of incoming vulnerability warnings, alerts and reports
Overseeing the management of known vulnerabilities through established processes and procedures
Validating the existence of suspected vulnerabilities by determining where they are located and how they can be exploited
Verifying that the vulnerability response strategy has been successfully implemented
Performing regular vulnerability scans of system and applications, writing reports including recommendations for improvements and following-up the remediation process for identified vulnerabilities
Participating in the definition of security baselines
Educated to a degree level in Information Technology or equivalent and at least 5 years professional experience
More than 3 years’ experience in Vulnerability analysis
The candidate should hold at least one valid certification or be capable of passing one: GCWN, GCUX, GPEN, GCCC, GXPN or an equivalent one recognised internationally
Fluent in French and English; another European language is a plus

Vulnerability Analyst Internship Resume Examples & Samples

Maintain and execute processes to collect and update vulnerability information to inform customer protection
Provide support to internal teams and clients as needed
Information Technology and/or cyber security related knowledge, expertise, or interest
Interest in learning about classes of software vulnerabilities, appropriate remediation, and industry‐standard classification schemes (CVE, CVSSv2, CVSSv3, CWE, CPE)
Educational background and interest in systems administration, systems engineering, software development, and/or TCP/IP network administration
Educational background and interest in a variety of security‐related processes, including secure coding practices, patch management, vulnerability analysis, or IDS/IPS
Interest in analyzing software vulnerabilities in order to appropriately characterize threat, provide remediation advice, and assign a meaningful severity score/priority

Senior Patch & Vulnerability Analyst Resume Examples & Samples

Responsible for patching assets in development, test and production environments while ensuring quality and minimal impact
Assess security vulnerabilities to identify appropriate remediation: patching, configuration change, deprecation or exception
Responsible for adherence to patch management service level agreements (SLAs)
Provides continual improvement of procedures and standards
24/7 support availability required
Knowledge of security standards/frameworks: NIST, FISMA, RMF required
Experience with WSUS and SCCM required
Experience with HEAT Patchlink required
Proficiency in Windows server and workstation system administration required
Ability to work with multiple teams toward task completion required
Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field OR Minimum five (5) years’ experience in IT or a related field required
Four (4) years’ experience working on project or technical teams preferred
Four (4) years’ experience performing vulnerability assessments of IT technologies preferred
Four (4) years’ experience in IT incident management preferred
Four (4) years’ experience in Windows/Intel administration or Microsoft Certified Systems Administrator (MCSA) preferred

Lead Patch & Vulnerability Analyst Resume Examples & Samples

Coordinates and participates in remediation services to infrastructure teams based on vulnerability and policy compliance scans
Actively participates in strategic and tactical patch and vulnerability management activities
Coordinates and participates in proactively developing patch and vulnerability management procedures and processes in conjunction with business and IT teams
Negotiate, plan and manage patch activities
Utilize tools to automate patch procedures
Present patch and vulnerability status reports to IT and Security teams as well as senior management
Provides leadership, guidance and task assignment to other team members
Experience with Advanced Installer for creation of packages required
Experience with SCCM deployments required
Experience with VMware Virtual Center required
Ability to work with multiple teams toward task completion
Excellent written and verbal communication skills required
Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field OR Minimum five (7) years’ experience in IT or a related field
Five (5) years’ experience working on project or technical teams preferred
Five (5) years’ experience performing vulnerability assessments of IT technologies preferred
Five (5) years’ experience in IT incident management preferred
Five (5) years’ experience in Windows/Intel administration or Microsoft Certified Systems Administrator (MCSA) preferred

Vulnerability Analyst Resume Examples & Samples

Support strategic infrastructure assessments, analytic agenda development efforts, and assigns relative levels of importance to infrastructure resources in coordination with Federal Leads
Support development of strategies to mitigate the most serious infrastructure threats and provide consequence analysis
Collaborate in outreach activities to Federal, State and local government partners (includes coordination with U.S. National Laboratories) and the private sector, including requirements management
Responsible for the analysis of vulnerabilities of and the consequences if an incident is predicted to occur or has occurred to critical physical and or cyber infrastructure within specific critical infrastructure sectors or FEMA regions. Such analysis may include the development of written risk estimates, products, or quick-turn responses to questions and requirements from senior leaders and executives from the Department, State and local government, and infrastructure owners and operators in the form of: In Response to Your Question, Infrastructure Impact Assessment, Infrastructure Note, Infrastructure Quick Looks or other products developed by OCIA
1 to 2 years of relevant experience with Bachelor’s degree; 3 years of experience without a degree

Vulnerability Analyst Resume Examples & Samples

Configure and review scan jobs
Track and monitor vulnerabilities and EOL status for application ecosystems such as Rails, node.js, Java, etc
Triage vulnerability reports using data flow diagrams, threat models, and public intel
Advise system owners and product managers regarding risk, mitigation, and patching
Develop and publish reports

Threat & Vulnerability Analyst Resume Examples & Samples

Significant practiced experience executing and leading vulnerability assessment and penetration testing engagements. Significant, demonstrated knowledge regarding security vulnerabilities, application analysis, and protocol analysis; with a specialization in at least two subject areas
Strong analytical and problem solving skills
Experience devising methods to automate testing activities and streamline testing processes
Significant experience with Linux and Windows operating systems
Practiced experience with common programming or scripting languages
Exploit development experience a plus
Ability to interpret and prioritize vulnerability scan results into remediation actions, track those actions through to completion, and transfer knowledge to others
Demonstrated ability to prepare documentation and presentations for technical and non-technical audiences
Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools)
Ability to understand and articulate information security risks associated with vulnerability and penetration testing
Knowledge of patching programs ofmajor hardware/software manufacturers
Knowledge of secure configuration and hardening of systems
Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice
Significant experience with classes of vulnerabilities, appropriate remediation, and industry standard classification schemes (CVE, CVSS, CPE)
Bachelor’s degree in Computer Science or related field required
At the manager’s discretion, additional relevant experience may substitute for the degree requirement
Typically requires 6 years Security Analyst experience with 5+ years experience performing vulnerability assessments and penetration testing
Experience applying ethical hacker techniques, phishing schemes, emerging logical security threats, and compromised server techniques
Current CEH, GPEN, CISSP, and GCIA certifications preferred

Vulnerability Analyst Resume Examples & Samples

Wide knowledge of application and IT product diversity, interoperability, and extensive knowledge in IT security
Knowledge of application development platforms
Coordinates delivery of project milestones, ensures projects stay on target, escalating and identifying roadblocks
Must be able to identify, analyze and address problems to resolve issues whenever possible in way that minimizes negative impact and risk to the organization
Strong work ethic and ability to effectively multi-task in a fast paced support environment
Ability to work independently on initiatives with little oversight
Highly motivated and willing to learn
Must have strong leadership skills and qualities which enable you to work with peers and various levels of management
Ability to write scripts and query databases to extract and transform data
Exceptional analytical and critical thinking abilities; Able to develop and convey a point of view
Knowledge of industry standard scoring models such as CVSS, CCSS
Knowledge of industry standard data models such as CPE and data normalization tools
Knowledge of vulnerability attack methods, exploit results, attack chains
Ability to think strategically and execute against a strategic plan
Professionalism, dependability, integrity and trustworthiness combined with a cooperative attitude
Able to thrive in a dynamic team environment
Individual with desire to learn and teach others, high energy, positive attitude
Bachelor’s degree or 5+ years work experience in IT
Knowledge of security research tools, and products
SANS certifications and CISSP preferred
Ability to write develop scripts for automating routines
Ability to develop applications/solutions for enhancing and automating daily routines
Ability to work with Technical and Non Technical business owners

Vulnerability Analyst Resume Examples & Samples

Prepare and review security assessments for new and existing information systems, applications, and information technology services of Michigan Medicine Service Providers for compliance with U-M and Michigan Medicine policy and procedure, as well as relevant legal and regulatory requirements and security standards
Use tools and methodology to assess the information security risks associated with sensitive and mission critical systems based on the NIST 800-53 security control framework
Mentor junior members of the team. This may include reviewing work for adherence to standards, provide coaching guidance, and provide solutions to problems arising during assessments or other projects
Develop mitigation strategies to bring risk levels into an acceptable range and assist and support the Michigan Medicine Service Providers with those remediation activities
Identify information security risk areas where further awareness and training is needed
Compare, evaluate, and recommend improvements in policies, procedures, and technical safeguards to address significant risks to the security of Michigan Medicine information systems and data
Detect and/or assess the impact of reported vulnerabilities; implement mitigation strategies based on severity
Identify sensitive data and provide input for proper storage and protection
Make recommendations and participate in the development of information assurance policies and procedures
Participate in the development of education and awareness efforts and the timely dissemination of security information to staff and end users
Lead process improvement and problem management of risk management functions within the Michigan Medicine information assurance team
Balance and adjust security decisions based on qualified data with an understanding of operational business risks versus security threats
Build good relationships with teams, and stakeholders at all levels (e.g. management, colleagues, and employees) using strong competencies to build trust, change perceptions, effectively communicate, and influence
Provide input to the Health System Chief Information Security Officer in the strategic planning and improvement of security service capabilities
Communicate and coordinate with information sharing and analysis centers (NH-ISAC)
Collaborate with teams, stakeholders and business partners to understand and implement improvement opportunities
Ensure parameters are established and monitor process quality and performance metrics; create analysis and trending reports from performance data associated with process operation to influence decisions effectively in areas of risk management solutions and services
Inspire and influence teams including staff and Health Information Technology & Services business partners to deliver risk management solutions and offerings effectively to the academic medical center’s community
Continually improve security service solutions and offerings by keeping up-to-date on security conferences, seminars, reading, research, and testing
Guiding the development of information security standards, guidelines, and policy
Develop sound relationship with internal and external customers by providing accurate and effective support
Minimum of 7 years experience in information systems security

Cybersecurity Vulnerability Analyst Resume Examples & Samples

Collects intrusion artifacts (e.g., source code, malware, trojans) and uses discovered data to enable mitigation of potential incidents within the enterprise
Trouble-shoots moderately complex issues with existing security and privacy protection protocols
Performs technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, and supporting infrastructure)
Conducts and/or supports authorized penetration testing on enterprise network assets
Possess knowledge, experience and understanding of vulnerability management framework and process application.Possess advanced knowledge related to administration, operation, and application of vulnerability scanning technologies
Detect, identify, and assess network vulnerabilities and system vulnerabilities based on cyber security vulnerability reporting cycles
Characterize the risk associated with identified vulnerabilities based on the threat impact for a single or combined number of vulnerabilities
Provide mitigation recommendations on how to eliminate or reduce risk factors based on architectural, network, hardware, firmware, and software configuration approaches
Prioritize vulnerability finding notification based on the criticality (risk) score of a single or multiple composite vulnerabilities
Coordinate with organizational and system stakeholders by tracking and reporting periodic (i.e. daily, weekly, etc.…) vulnerability analysis and vulnerability assessment results
Perform system administration of vulnerability management systems that are used to perform automated and manual assessment methodologies, practices, and remediation
Test, implement, and deploy the most recent vulnerability scanner configurations to increase the accuracy and improve analysis capabilities of vulnerability management technologies
Research and present recommendations and approaches to enhance vulnerability remediation techniques
Documented processes and operational processes, based on best practices to assist in the remediation of vulnerabilities
Conduct troubleshooting of vulnerability system errors and assist or conduct repairs to return the vulnerability scanning system to service
Develop and compose vulnerability management system standard operating procedure documentation using best practices
Partner with colleagues to support Cummins project goals and objectives for safe and secure operations

Vulnerability Analyst Resume Examples & Samples

4+ years of science and technical intelligence (collection requirements generation and/or work at military department production center)
Advanced Persistent Threat (APT)
Vulnerability Assessments
Knowledge of intelligence threat assessments and vulnerability assessments
Production of Intelligence Collection requirements
Experience with the Palantir platform highly desired
Military experience preferred

Vulnerability Analyst Resume Examples & Samples

18-36 months Information Technology Security related experience
Knowledge of network routing and switching
Experience with vulnerability scanning tools
Knowledge of penetration testing concepts and tools
Understanding of Intrusion Detection/Prevention
Working knowledge of firewalls
A foundation in Linux/Windows/OSX operating systems
Independently learns appropriate techniques to apply and adapt new ideas in related, different or changing situations
Demonstrated excellent organizational, oral and written communication skills

Threat Intelligence & Vulnerability Analyst Resume Examples & Samples

Responsible for providing governance, guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation
Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
Translate Technical Security Standards into policy compliance profiles in enterprise security tool
Work with technology owners to validate the policy compliance profiles Review the policy compliance scan results with stake holders
Onboard the assets for target technologies in enterprise security tool
Create required authentication records for target technology assets in enterprise security tool
Perform policy compliance scans and deliver reports to the technology owners
Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response
Responsible for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures; and to manage the TVM Team to develop and update as appropriate
Be able to engage with, and manage vendor contracts related to external threat intelligence and threat mitigation services
Experience with analytical tools SAS or R or Python
Experience with business intelligence and dashboard generation
Experience working with big data e.g. Hadoop/Hive/Spark/Splunk. Preferably Splunk
Expert at Excel
Exposure to Qualys APIs
Knowledge of scripting languages like python and Perl
Understanding of CIS-Benchmark and NIST framework
In-depth knowledge performing vulnerability management and policy compliance scan
In-depth knowledge of databases security configuration (Oracle, DB2, Microsoft SQL, MySQL)

Vulnerability Analyst, Senior Resume Examples & Samples

8+ years of experience with IT
5+ years of experience with vulnerability tool configuration, deployment, and engineering and defining policies and procedures based on government best practices
Experience with virtualization and the concept of containerization, including Twistlock
Experience with enterprise monitoring systems and SIEM ecosystem components, including IDPS, traditional and next generation endpoint protection, Web or Internet proxy, log aggregation, and NGFW
Knowledge of networking, including OSI network layers, TCP/IP, firewalls, and load balancing
Knowledge of installation, configuration and troubleshooting of UNIX or Linux-based environments
Ability to review vulnerability scans and manage efforts to ensure all internal systems are fully patched and configured compliant with required government or equivalent regulations

Vulnerability Analyst Resume Examples & Samples

Update and maintain the SOPs for the Vulnerability Management Program
Conduct vulnerability auditing on 100% of DSS Information Systems with the DISA Assured Compliance Assessment Solution (ACAS), current vulnerability auditing solution, or a combination of solutions. Weekly audits will be delivered to the system owners and on demand audits will be performed on devices not accessible during automated vulnerability audits on all DSS enclaves
Maintain a dashboard on DSS CND SharePoint with current vulnerabilities, IAVMs on DSS computing devices. Include associated ACAS plugins, suspense dates, POAM status, system owners, percentage of compliance, and status
Maintain a dashboard with the current Security Requirements Guides (SRG) and Security Technical Implementation Guides (STIG) and implementation status on DSS environment. Include associated vulnerabilities, suspense dates, POAM status, system owners, percentage of compliance, and status
Conduct monthly audits to include but not limited to STIG-SRG, SCAP, and all system vulnerabilities in compliance with mandated DOD directives
Conduct and report daily audits in support of identity assurance in order to validate user accounts, computer accounts, privileged accounts, system accounts, and report any anomalies to Incident Responders
Coordinate the assessment of vulnerabilities with system owners
Provide detail vulnerability reports
Assist other team members with developing mitigation plans
Support system administrators with resolution of vulnerability findings
2 years’ of Cyber Security experience (0 Years’ with a Master’s degree) with a Bachelor’s degree in a technical specialty: cyber security, computer science, or similar field. Note, we may consider four (4) additional years of relevant experience in lieu of a degree
Experience with Vulnerability Management in a DoD environment
Experience working with a combination of ACAS, SRG, STIGs, IAVMs
Experience with Cyber security policies, operations, and reporting requirements
IAT-I, II or III IA Baseline Certification (SEC+, CISSP, etc.)
CND IA Auditor Baseline Certification: (CEH, CISA, GSNA)
Computing Environment or OS Certificate
Must possess an active/current TS/SCI clearance
CEH certification
CCNA certification
Familiar with any of the following: Akamai, Splunk, Cisco, McAfee, SCAP, ACAST, F5