Vulnerability Management Analyst Resume Samples

4.7 (104 votes) for Vulnerability Management Analyst Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the vulnerability management analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
GH
G Hand
Gerda
Hand
6486 Woodrow Mountains
Detroit
MI
+1 (555) 261 0102
6486 Woodrow Mountains
Detroit
MI
Phone
p +1 (555) 261 0102
Experience Experience
Boston, MA
Vulnerability Management Analyst
Boston, MA
Bosco-Jones
Boston, MA
Vulnerability Management Analyst
  • Work with internal business units to drive secure configurations in images used for desktops, servers, network devices, and wireless network devices
  • A working knowledge of vulnerabilities and configuration settings and their exploitation in order to gain access to networks, applications, hosts, and desktops
  • Work with computer operations to define standard operating system builds and configurations and develop effective build maintenance processes
  • Develop and maintain server software inventories and manage application whitelisting solutions
  • Knowledge of and familiar with identity and authentication management and their architecture
  • Provide all assigned responsibilities as part of an on-call rotation
  • Provide recommendations on improving the security posture of the client’s enterprise
San Francisco, CA
Threat & Vulnerability Management Analyst
San Francisco, CA
Fritsch-Mann
San Francisco, CA
Threat & Vulnerability Management Analyst
  • Collaborate with CCB Cyber Security, Global Technology Infrastructure, Corporate Cyber teams, and Line of Business Information Risk Management teams for issue resolution and mitigation
  • Support innovation and enhancement efforts within the CCB Cyber Security function
  • Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities within SLAs
  • Understand approaches for addressing vulnerabilities including system patching, deployment of specialized controls, code or infrastructure changes, changes in development processes, cloud and mobile devices
  • Identify and resolve any false positive findings in assessment results
  • Documents all issues and assists in their resolution
  • Delivers security training and education to technical staff within findings and acts as an internal security consultant to advise or influence business or technical partners
present
Chicago, IL
Senior Vulnerability Management Analyst
Chicago, IL
Bradtke Inc
present
Chicago, IL
Senior Vulnerability Management Analyst
present
  • Work independently and manage workload with organization to meet expectations and objectives
  • Develop processes and implement tools and techniques to perform ongoing security assessments of the environment
  • Help standardize processes and procedures and provide improvement
  • Work on multiple projects simultaneously, set priorities and meet deadlines
  • Central tracking and management of enterprise vulnerabilities
  • Keep current with vulnerabilities, attacks, and countermeasures as well as devoting time to research and development activities
  • Implement processes and manage tools used to identify vulnerabilities and track their remediation within the GM environment
Education Education
Bachelor’s Degree in Information Systems
Bachelor’s Degree in Information Systems
University of Memphis
Bachelor’s Degree in Information Systems
Skills Skills
  • Demonstrates competence and attention to detail in performing task activities
  • Mature, self-motivated, adaptable and an effective team player
  • Is able to manage changing prioritizations effectively while ensuring timely delivery
  • Capable of responding effectively to queries and taking ownership of requests to final conclusion and within the designated time frames
  • At least 2-5 years of experience in Information Security and Technology with expertise in configuring and using scanning tools, verifying found vulnerabilities, researching found vulnerability mitigation solutions, and working with varied business units to mitigate valid vulnerabilities, and creating secure images
  • 2-5 years' experience in hands-on vulnerability and configuration scanning and mitigation can be substituted for a certification
  • This position is responsible for planning, scheduling, running and mitigating vulnerability and configuration scans in accordance with direction from the Director of Vulnerability Management and Penetration Testing
  • The ability to communicate and work effectively with all facets of the corporation is expected along with expertise in communicating with Management
  • Expertise in promulgating risk to the business by correlating vulnerabilities, configuration settings, by performing an assessment of the risks that considers the threats, our vulnerability to those threats, the likelihood that vulnerabilities will be exploited, the impact that exploitation will have on the company, and finally what the residual risk will be after the vulnerabilities, and insecure configuration settings are remediated
  • Possess an information security certification such as CISSP, or GISP plus two years' experience in vulnerability scanning and mitigation
Create a Resume in Minutes

15 Vulnerability Management Analyst resume templates

1

Cybersecurity Vulnerability Management Analyst Resume Examples & Samples

  • Be a subject matter expert in Vulnerability Impact Modeling and Mitigation
  • Be responsible for identifying: emerging vulnerabilities, the technical controls that exist in the environment to mitigate the risk posed by the vulnerabilities, and the appropriate and relevant actions for remediating the vulnerabilities
  • Solid and demonstrable comprehension of Information Security including vulnerability & compliance tools and processes, associated vulnerabilities, awareness of emerging threats and attacks mapped to effective controls to include AntiVirus, Security Patching Solutions, End Point Encryption, Compliance State Monitoring, Scanning Solutions, SIM/SEM combined with multiple event correlation/analysis
  • Solid and demonstrable comprehension of end to end Vulnerability Management to include industry standards such as CVE, CPE, CVSS
  • Sound awareness of leading vendor products/applications from Oracle [Java], Adobe and Microsoft to include product lifecycle & release schedules
  • Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, mainframe, firewalls, database, privileged access management, DLP, threat detection
  • Ability to follow and execute Operational process/workflow
  • Experience in large scale Enterprise technology environments
  • Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
  • Experience assisting the resolution of customer escalations, incident handling, and response
  • Exposure to Regulatory & Audit compliance management
  • Ability to think strategically, work with a sense of urgency and pay attention to detail
  • Ability to present complex solutions and methods to a general community
  • Must be reliable and adaptable
  • Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources
  • Experience with working on global teams across time zones, cultures and languages
  • Previous experience with direct management in the region and remote team collaboration
  • Previous 24 x 7 operations experience
2

Threat & Vulnerability Management Analyst Resume Examples & Samples

  • Governance and oversight of vulnerability management activities to develop solutions to address control gaps
  • Execute vulnerability management program, including deployment and management of ESM, Anti-Virus, and Patch management across CCB servers, databases and workstations
  • Drive remediation compliance of breaks across CCB and vulnerability assessments
  • Collaborate with CCB Cyber Security, Global Technology Infrastructure, Corporate Cyber teams, and Line of Business Information Risk Management teams for issue resolution and mitigation
  • Support innovation and enhancement efforts within the CCB Cyber Security function
  • 3 to 6 years work experience, including 3 years of technical work experience within Information Technology
  • 1 to 2 years of work experience within security operations - threat and vulnerability management
  • CISSP or SANS GIAC GCIA certification
  • Ability to create/define metrics that accurately reflects the current state of a given process
  • Solid understanding of technology, operations, and business processes
  • Excellent written and oral presentation skills
  • Experience and aptitude to presenting and influencing
  • Demonstrated ability to execute projects from end-to-end with consistent attention to detail
  • Strong interpersonal and customer skills including incident resolution, response and escalation
  • Experience assisting the development and maintenance of tools, procedures, and documentation
  • Excellent written and verbal communication and organizational skills
3

Cnd Vulnerability Management Analyst Resume Examples & Samples

  • Performing scans to identify vulnerabilities or confirm compliance to security standards
  • Provides recommendations on improving the security posture of the client’s enterprise
  • Assist in troubleshooting and problem solving a wide variety of client issues
  • Experience in the following technologies: Vulnerability Scanner, Vulnerability Management System, Host Based Security System, Patch Management, and Intrusion Detection/Prevention
  • Experience in executing and refining vulnerability management at an enterprise level
  • Certified Information Systems Auditor (CISA) or GIAC Certified Network Auditor
  • Security Operations Center (SOC) experience
  • Experience United States Cyber Command guidance on vulnerability management tactics, techniques, and procedures (TTPs)
  • An understanding of DOD information assurance policy and regulations
4

SME Vulnerability Management Analyst Resume Examples & Samples

  • Support the NSOC’s CNDSP 24x7 Watch capabilities by executing IAVM-related duties consistent with CNDSP requirements during non-core business hours as needed
  • Duties include monitoring, acknowledging receipt, obtain status, perform liaison and analysis as necessary, and report compliance with USCYBERCOM directives including INFOCONs, OPORDs, WARNORDs, ODMs, CTOs, and NTDMsExecute, draft, edit, and maintain standard operating procedure (SOP) documentation
  • Perform Vulnerability Management Service (VMS) configuration, use, populating with DoD SCVVI tool results, and report generation to support the IAVM program
  • Perform DoD SCVVI tool and manager servers and performing associated monthly and ad-hoc scans as required on the Network Protection Suites (NPS) and DHA owned and managed
  • Manage, disseminate, interpret, and track compliance with IAVM associated messages
  • Test available vendor provided patches or remediation procedures in the DHA IA lab for issues prior to implementation in the production environment
  • Implement a DoD IAVM program utilizing risk management principals
  • Assume responsibility for the NSOC’s execution of the DoD IAVM program and oversee and direct the activities for a team of support analysts
  • Maintain existing standard operational procedure (SOP) documents and draft new SOPs as necessary
  • Active high level clearance
  • 15+ years of hands-on experience with Information Technology to include three of the following areas
5

Vulnerability Management Analyst Resume Examples & Samples

  • Work with computer operations to define standard operating system builds and configurations and develop effective build maintenance processes
  • Works with larger team to identify exposure, vulnerability assessment, and root cause of systemic issues leading to presence of vulnerabilities/hygiene issues
  • Investigate solutions to automate server build, configuration and vulnerability patching
  • Maintain knowledge of in-the-wild vulnerability exploitation techniques, assess risk to enterprise and prioritize remediation
  • Configure and run automated vulnerability scanning tools, prioritize remediation, and track exceptions
  • Respond to and manage the results of third party server penetration tests
  • Develop and maintain server software inventories and manage application whitelisting solutions
  • Investigate, recommend and deploy virtual patching solutions
  • Develop long term server integrity strategies and solutions
  • Communicate compliance issues to IT managers in an effective and appropriate manner
  • Report on information security metrics to demonstrate operating system integrity effectiveness and generally support Governance, Risk and Compliance activities as required
  • Bachelor’s degree in computer engineering or related field along with 8-10+ years of directly relevant experience
  • Strong ability to drive change in an organization
  • Previous experience with Vulnerability Management/Risk Management
  • Excellent relationship/partnering skills with other enabling teams (i.e. other firm wide technical teams)
  • Strong project management/organizational skills
  • Thorough and can see tasks through from start to finish
  • Abilities to create and implement processes that can scale
  • Good understanding of technology concepts
  • Familiarity with good security practices and implementation of these concepts in various scenarios
  • Ability to assimilate technical and voluminous data and translate into layman terms
  • Ability to craft presentations and updates for senior management
  • Ability to work well under pressure and juggle multiple priorities
  • Strong execution/delivery track record
  • Self-motivated and operates with a high sense of urgency and a high level of integrity
  • Able to understand and breakdown complex problems
  • Previous experience working in large scale environments with diverse technologies
  • Ability to work in a persuasive manner with diverse personnel at all levels of the organization
6

Senior Vulnerability Management Analyst Resume Examples & Samples

  • Assessment of threats and vulnerabilities based on enterprise vulnerability management framework
  • Assignment of remediation tasks to the affected groups and tracking of remediation through closure
  • Management of vulnerability lifecycle including ensuring timelines, lifecycle phase management, and recording evidence as needed
  • Interface with groups across the organization to drive remediation of identified vulnerabilities
  • Central tracking and management of enterprise vulnerabilities
  • Enhance proactive remediation of vulnerabilities identified by various sources
  • Review and analyze vulnerability scan data, determine action items and ensure remediation
  • Help standardize processes and procedures and provide improvement
  • Execute processes and tasks under continuous vulnerability monitoring initiative
  • Produce metrics to demonstrate process effectiveness and remediation across the enterprise
7

Vulnerability Management Analyst Resume Examples & Samples

  • Supporting the clients Information Assurance Vulnerability Management (IAVM) program
  • Performing enterprise vulnerability scans utilizing the Assured Compliance Assessment Solution (ACAS)
  • Analyzing and remediating vulnerabilities on networks and systems
  • Information Assurance Vulnerability alert and bulletin (IAVA, IAVAB) tracking and reporting
  • Creation of technically detailed reports on the status of Information Assurance Vulnerability Alerts (IAVA), Information Assurance Vulnerability Bulletins (IAVABs), Host Based System Security information (HBSS), and current threats based on open source information
  • Provide recommendations on improving the security posture of the client’s enterprise
  • Ability to maintain an active clearance
  • Minimum of three (3) years vulnerability management experience
  • Experience in the following technologies: Vulnerability Scanners, Vulnerability Management Systems, Host Based Security System, Patch Management, and Intrusion Detection/Prevention Systems
  • People skills and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or GIAC Certified Network Auditor (GSNA)
  • Prior experience with tools such as DISA Assured Compliance Assessment Solutions (ACAS), eEye Retina and Retina Enterprise Manager (REM), DISA Vulnerability Management System (VMS) and CORE Impact
8

Vulnerability Management Analyst Resume Examples & Samples

  • Ability to use automated tools and analysis to assess operating systems, applications, databases, servers, and network equipment for vulnerabilities and secure configurations
  • Knowledge of and familiar with identity and authentication management and their architecture
  • Ability to architect solutions for cross domain solutions to include Microsoft, Linux, IBM, SCADA, and Gaming
  • A working knowledge of vulnerabilities and configuration settings and their exploitation in order to gain access to networks, applications, hosts, and desktops. (White hat only)
  • Security engineering
  • Forensics analysis
  • Reverse software engineering
  • Wireless security architectures, scanning, rogue detection and prevention and secure configurations
  • Threat/Vulnerability Research
  • Source Code Scans
  • Red Team engagements
  • Excellent writing and speaking skills
  • Red Team and Tabletop exercise experience
  • Ability to gather and report meaningful metrics
  • Associate’s degree in Information Systems or equivalent in relevant discipline preferred
  • At least five years of experience in Information Security and Technology with expertise in configuring and using scanning tools, verifying found vulnerabilities, researching found vulnerability mitigation solutions, and working with varied business units to mitigate valid vulnerabilities, and creating secure images
  • Five years’ experience in hands-on vulnerability and configuration scanning and mitigation can be substituted for a certification
  • This position is responsible for planning, scheduling, running and mitigating vulnerability and configuration scans in accordance with direction from the Director of Vulnerability Management and Penetration Testing
  • The ability to communicate and work effectively with all facets of the corporation is expected along with expertise in communicating with Management. It’s essential that this position have the ability to explain in plain English what each vulnerability and insecure configuration is and what activity it could allow in the LVSC environment
  • Expertise in promulgating risk to the business by correlating vulnerabilities, configuration settings, by performing an assessment of the risks that considers the threats, our vulnerability to those threats, the likelihood that vulnerabilities will be exploited, the impact that exploitation will have on the company, and finally what the residual risk will be after the vulnerabilities, and insecure configuration settings are remediated
  • Possess an information security certification such as CISSP, or GISP plus two years’ experience in vulnerability scanning and mitigation
9

Vulnerability Management Analyst Resume Examples & Samples

  • Ensure that the security assurance delivers timely and accurate, information on the status of Global Technology assets as compared against the GIS standards or any other control measure as defined and agreed with senior management
  • Liaise with technology and other business teams at all levels to encourage and support their development of technical security controls and system build configurations as well as identifying secure and resource-efficient ways of validating that the standards are being met
  • On-going development and delivery of compliance and risk based scorecards and dashboards
  • Operate controls as defined within the Barclays IT standards and policies and as directed by various Global Information Security initiatives
  • Provision of subject matter expertise and provision of advice and guidance relating to security configuration management and vulnerability assessment to all stakeholders/business units
  • Providing support, leadership and mentoring to other team members/junior staff
  • Owning and maintaining service and processes documentation and ensuring it is accurate at all times
  • Assist the Head of Security Configuration & Vulnerability Management in defining and executing existing and future security monitoring strategies
  • Owning all aspects of the toolsets used by the team including; toolset maintenance, support activities, upgrade and patch planning
  • Creating and managing team activity plans and responsibility to deliver to them
10

Threat & Vulnerability Management Analyst Resume Examples & Samples

  • 2-3 years of Mcafee end point security support
  • 2-3 years experience with IDS/IPS
  • 1-2 years experience with web filtering proxy
  • Strong understanding of Windows Operating Systems
11

Vulnerability Management Analyst Resume Examples & Samples

  • Associate's degree in Information Systems or equivalent in relevant discipline preferred
  • At least 2-5 years of experience in Information Security and Technology with expertise in configuring and using scanning tools, verifying found vulnerabilities, researching found vulnerability mitigation solutions, and working with varied business units to mitigate valid vulnerabilities, and creating secure images
  • 2-5 years' experience in hands-on vulnerability and configuration scanning and mitigation can be substituted for a certification
  • The ability to communicate and work effectively with all facets of the corporation is expected along with expertise in communicating with Management
  • Possess an information security certification such as CISSP, or GISP plus two years' experience in vulnerability scanning and mitigation**
  • Ability to architect solutions for cross domain solutions to include Microsoft, Linux, IBM
  • A working knowledge of vulnerabilities and configuration settings and their exploitation in order to gain access to networks, applications, hosts, and desktops
12

Vulnerability Management Analyst Resume Examples & Samples

  • The Vulnerability Analyst will identify, classify, plan mitigations, and track results for detected cyber security vulnerabilities
  • Work with the program manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities. This will include identifying data feeds to monitor and which analyst resources will be responsible
  • Bachelor's degree and 8+ years of experience in cyber security. Additional experience or certification may be considered in lieu of degree
  • Experience with reviewing cyber security vulnerabilities for risk and relevance
13

Vulnerability Management Analyst Resume Examples & Samples

  • Coordinate with internal and external stakeholders to establish and manage a vulnerability management program with linkage to the ND 52-5 (Assessment, Authorization, and Monitoring) and ND 52-15 (Risk and Vulnerability Assessments, Reviews, and Updates)
  • Support Government activities and reporting to appropriate IC and DoD authorities
  • Assess and manage the implementation of identified corrections (e.g., system patches and fixes) associated with technical vulnerabilities as part of the vulnerability management program
  • Develop and deliver inputs to the planning, execution, and follow-up of Blue Team, Red Team, and other ad hoc vulnerability assessment and/or penetration testing activities
  • Develop and deliver inputs to the analysis and tracking, and report remediation status for vulnerability scans, as well as all audits, assessments and inspections using processes directed by Government (currently the Enterprise Vulnerability Assessment Remediation process)
  • Develop and deliver a list of activities for Cyber Security Awareness Month
  • Develop, deliver, maintain and update current documentation on vulnerability management processes and procedures
  • Collect necessary data, develop and deliver a monthly Cyber Vulnerability Metrics Report
  • Develop and deliver a weekly Cyber Heat Map
  • Develop and deliver asset vulnerability views for categories such as mission, cross domain, and location
  • Develop updates and maintain the documentation of the heat map process and recommend improvements
  • Develop cyber threat analysis for known threats
  • Develop and deliver documentation supporting cyber indications and warnings
  • Document and deliver reporting activities related to cyber threat situational awareness and reporting, as well as cyber-related metrics and reporting
  • Document and deliver Government activities and reporting related to tasking and directions received from stakeholders
  • Cross Domain Technologies
  • Information Technology Virtualization
  • Cloud IA Technologies
  • Cryptography
  • Public Key Infrastructure
  • Network and Host-Based Intrusion Detection and Prevention Systems
  • Cyber mission Computer Network Defense of space assets
  • Cyber Defense Techniques
  • Operational Readiness, Verification, and Validation Reviews
14

Vulnerability Management Analyst Resume Examples & Samples

  • Passion for identifying security weaknesses across a variety computer systems
  • Perform complex security related testing, creating test cases, performing manual and automated tests, reporting on problems encountered and documenting test results for follow-up
  • Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary
  • Proven ability to communicate technical issues to technical and non-technical business area representatives
  • Analyze operational IT processes to identify systemic risk issues
  • 2-3 years hands-on experience in either: Vulnerability Management, penetration testing, or vulnerability management
  • Programming experience in Java, C++, Perl or Python
  • Experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols
  • Hands-on experience with commercial and open-source network and application security testing tools
  • Demonstrated sound written and verbal communication skills
  • Work independently and manage workload with organization to meet expectations and objectives
  • High level of integrity in dealing with confidential and sensitive information
15

Senior Vulnerability Management Analyst Resume Examples & Samples

  • Oversee various teams involved with the testing of security controls within the GM environment
  • Act as a coach and mentor to other team members, sharing knowledge associated with tools and practices utilized for vulnerability assessments and penetration tests
  • Experience in large scale information technology implementations and operations preferred
  • Design, interpret & communicate information security policies & controls
  • Develop processes and implement tools and techniques to perform ongoing security assessments of the environment
  • Implement tools and techniques to identify and prevent unauthorized IT asset deployments
  • Keep current on industry security testing best practices and industry security risks
  • Bachelor’s degree in Information Systems or related field with adequate experience in the field of information security is acceptable
  • 3-5 years hands-on experience in either: security assurance, penetration testing, or vulnerability management
  • Experience with white-box or gray-box testing
  • Experience with application security source code reviews
  • Advanced knowledge of operating system and database security (Windows, Unix, Linux, SQL, and Oracle etc.)
  • Extensive ability to transform technical concepts into usable documented material for non-technical users
  • Work on multiple projects simultaneously, set priorities and meet deadlines
  • Absorb, retain and organize information gathered from multiple sources and in a variety of formats
  • Experience developing exploits
  • Obtained certifications in one or more of the following preferred
16

Cybersecurity Vulnerability Management Analyst Resume Examples & Samples

  • Coordinates and manages timely remediation of security vulnerabilities across a variety of technologies
  • Works with LOB representatives to ensure remediation efforts adhere to corporate standards and policies
  • Provides analysis of remediation actions for both point in time and post event analysis
  • Coordinates remediation of high visibility, critical vulnerabilities in conjunction with senior analysts or senior analyst leads
  • 2+ total years working in information technology
  • Understanding of a variety of technical concepts such as: networking, systems administration, application development, application security, viruses/malware behavior, and penetration testing
  • Experience with business and/or data analytics with the ability to provide qualitative analysis and recommendations
  • Strong organizational and/or project management skills
  • Ability to develop strong working relationships with a variety of other enabling teams
  • Strong attention to detail, data accuracy, and data analysis
17

Vulnerability Management Analyst Resume Examples & Samples

  • Execute vulnerability scans and IAVM management of systems
  • Maintain certification and accreditation documentation for specialized network defense system
  • Active DoD Security Clearance
  • A bachelor's degree in computer science or related discipline; or 4 years of related experience in lieu of a degree
  • Three (3) years of related experience
  • IAT II & CNDSP-IR DoD 8570 compliant by obtaining/maintaining required certifications such as; Security+ CE and CEH
  • Experience using ACAS scanning tools and/or other compliance assessment tools
  • Provide quality customer service and problem solving skills
18

Vulnerability Management Analyst Resume Examples & Samples

  • Perform as a vulnerability management SME in one or more of the following areas: Microsoft platform (Server, workstation, applications), Open Systems platforms (Linux, UNIX, VM Ware ESX), Java, Adobe, Web Application, Java web app virtualization platforms (e.g. WebSphere), Networking, Databases (Oracle, SQL Server, DB2, IMS), and others
  • Have the ability to understand and develop enterprise policy and technical standards with specific regard to vulnerability management and secure configuration
  • Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities specific to Allstate’s environment, and determine and implement mitigating controls
  • Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company
  • Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions
  • Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need
  • Be a champion for vulnerability management and information security including broadening awareness and use of the team’s services, education of security best practices and integration with other business areas
  • Providing mentorship and support to teammates with regard to vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development
  • Develop and improve KPIs, metrics, and trending for vulnerability management functions
  • Participate and lead new projects as needed
  • Bachelors and/or Masters Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field
  • 3-5+ years experience in either vulnerability management or related information security field (Threat Intelligence, Network Security, Incidence Response, Security Risk Management)
  • Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
  • Advanced experience with vulnerability scanning tools (Qualys preferred) and other vulnerability management tools
  • Demonstrate knowledge of IT security best practices including operating systems(Windows, Unix, Linux), end-user application, and network security
  • Demonstrate knowledge of networking concepts and devices (Firewalls, Routers, Switches, Load Balancers, etc)
  • Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources
  • Experience working in very large enterprise environment with diverse teams
  • Effective written, verbal communication skills. Ability to tailor communication style to audience at hand
  • Ability to effectively communicate with technical and non-technical resources
  • Self-directed, works with minimal guidance, and recognizes when guidance needed
  • Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing
  • Knowledge of PCI, HIPAA, ISO, NIST, and IT Controls
  • CISSP, GCIH, GPEN, or other industry certification or expected completion of certification within 1 year of hire
19

Threat Vulnerability Management Analyst Resume Examples & Samples

  • Responsible for defining, ratifying and maintaining a formal Threat & Vulnerability Management Program; and framework that defines the vulnerability priorities aligned with business criticality
  • Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
  • Help identify metrics and KPIs that could be tracked in order to measure impact on multiple stakeholder groups
  • Apply a variety of analysis tools to interpret data and identify key learnings and patterns
  • Produce visualizations of data to monitor for developing trends/patterns and highlight areas of potential improvement
  • Work with technology owners to validate the policy compliance profiles
  • Review the policy compliance scan results with stake holders
  • Help build/improve an exception process to manage policy compliance deviation
  • Bachelor's Degree in Business, Management, Computer Sciences, or equivalent prior work experience in a related field
  • Two to Three years of experience in Qualys policy compliance and vulnerability management
  • Experience with analytical tools SAS or R or Python Experience with business intelligence and dashboard generation
  • Expert at Excel Exposure to Qualys APIs
  • Knowledge of scripting languages like python and Perl Understanding of CIS-Benchmark and NIST framework
  • In-depth knowledge performing vulnerability management and policy compliance scan In-depth knowledge of databases security configuration (Oracle, DB2, Microsoft SQL, MySQL)
  • Maintain certifications in an information security related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN
  • Outstanding oral and written communications skills. This includes the ability to make formal stand-up presentations to all levels of management, etc
  • Personal requirements: Results driven, with a strong sense of accountability. A pro-active, motivated approach. The ability to operate with urgency and prioritize work accordingly. A structured and logical approach to work. Strong problem solving skills. A creative and innovative approach to work. Ability to work in a team environment. The ability to manage large workloads and tight deadlines. Excellent attention to detail and accuracy
20

Vulnerability Management Analyst Resume Examples & Samples

  • Manage and operate all security solutions and technology used in cyber security to identify and manage vulnerabilities, provide protection and regulatory compliance, and provide oversight to patch management processes
  • Coordinate, perform and document Cyber Security Vulnerability & Penetration Tests and wireless audits as well as mitigating Cyber Security Vulnerabilities
  • Provide cyber security support to business and technical teams in the design of standardized products and customized solutions. Must be flexible to continuously changing demands and technologies and have the ability to maintain a library of security tools used as part of this function
  • Develop and maintain a working relationship with 3rd Party service providers responsible for providing technology consulting. Work with business unit executives and service providers to introduce required Cyber Security functionalities into the environment
  • Provide all assigned responsibilities as part of an on-call rotation
  • Bachelor’s degree with a concentration in computer science, technology, accounting or business or equivalent combination of education and experience. Minimum of 3 years experience in I/T including 1 years direct experience in cyber security
  • Demonstrated verbal/written communication and presentation skills
  • Proven problem solving and business risk analysis skills
  • Good investigative, conflict resolution and negotiation skills
  • Must possess a broad knowledge relating to I/T infrastructures and have in-depth and up-to-date experience with multiple operating systems and desk side integration
21

Threat & Vulnerability Management Analyst Resume Examples & Samples

  • Responsible for configuring and maintaining vulnerability assessment tools, as well as performing scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results
  • Assist in assessing Third Party Partner vulnerability and security risk
  • Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities within SLAs
  • Understand approaches for addressing vulnerabilities including system patching, deployment of specialized controls, code or infrastructure changes, changes in development processes, cloud and mobile devices
  • Identify and resolve any false positive findings in assessment results
  • Developing and producing metrics and reporting on the state of system security, threat, vulnerability and patch management
  • Design and deliver actionable Information Security dashboards and scorecards
  • Documents all issues and assists in their resolution
  • Delivers security training and education to technical staff within findings and acts as an internal security consultant to advise or influence business or technical partners
  • Familiarity with malicious code identification and common hacker attack techniques
  • Understanding of Web Services technologies such as XML, SOAP, and SAML
  • Analyze data sources and recommend optimal data sources to provide relevant reporting
  • Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams
  • Recommend appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions
  • Validate remediation activities
  • Oversee and participate in the valuation and prioritization of assets based on business criticality
  • 5 - 10 years’ experience working in an information security related role managing endpoints in an enterprise environment
  • Advanced understanding with working experience collecting and tracking threat intelligence
  • Experience working with tracking, communicating and prioritizing vulnerabilities and cyber threats to an enterprise wide organization
  • Must possess excellent communication skills (written, verbal). Should be able to work with technical and non-technical individuals alike
  • Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security)
  • Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners)
  • Experience with vulnerability scanners (e.g., Qualys, Whitehat), vulnerability management systems, patch management, and host based security systems. Host Based Security Systems, patch management
  • Beneficial if experienced in Database Activity Monitoring Systems (DAM), and Web Application Firewalls (WAF)
  • Has experience assessing and addressing threats to mobile devices and cloud environments (e.g., Amazon Web Services, Azure)
  • Mobile security testing and analysis
  • Perform threat modeling, vulnerability analysis, penetration testing, code review and SDLC support
  • Provide expert advice and consultancy to customers on risk assessment, threat modeling and fixing vulnerabilities
  • Document technical standards
  • Write technical reports based on security findings
  • Strong problem solving and analytical skills demonstrated by the ability to assimilate new information, understand complex topics and arrive at sound analysis and judgment
  • Self-Motivated
  • Project execution, strategy and management
  • Identify and manage risks
22

Vulnerability Management Analyst Resume Examples & Samples

  • Implement processes and manage tools used to identify vulnerabilities and track their remediation within the GM environment
  • Keep current with vulnerabilities, attacks, and countermeasures as well as devoting time to research and development activities
  • Coordinate and collaborate with leadership regarding technical vulnerabilities that may have the potential to impact enterprise operations
  • 2-3 years hands-on experience in either: security assurance, penetration testing, or vulnerability management
  • Master’s degree in a relevant field
  • Obtained certifications in one or more of the following preferred: CISSP, GIAC, CEH
23

Senior Vulnerability Management Analyst Resume Examples & Samples

  • Assist leadership in expanding the current Vulnerability Management program
  • Integrate threat modeling practices into the vulnerability management practice
  • Act as a coach and mentor to team members, sharing knowledge associated with tools and practices utilized for vulnerability assessments
  • Maintain patch and vulnerability management practices to prevent the exploitation of vulnerabilities that exist within GM systems
24

Threat Vulnerability Management Analyst Resume Examples & Samples

  • The Role of the Senior Threat Intelligence and Vulnerability (TIV) Analysts will be part of a team that is responsible to manage, monitor, and communicate the information security risks associated with inherent and residual vulnerabilities that may result in harm or disruption to the Company
  • The analysts will be part of a team that will work closely with key stakeholders from IT, Business and Corporate Support Functions to gather requirements understand priorities and communicate impact and context of vulnerabilities in business speaking terms to the lines of business, and to upper management
  • The analysts will be part of a team that will develop metrics that will measure the effectiveness of practices and controls to mitigate threats and vulnerabilities on a periodic basis; and develop dashboards that illustrate the effectiveness of risk mitigation over time
  • Additionally, the analysts is part of a team that will work to resolve information security related incidents and events related security breaches in a manner that ensures the safety of information system assets and confidential customer, consumer, employee and corporate data
  • The analysts will also identify and manage the implementation of appropriate security controls, aligned with industry best practices to meet security objectives and standards while allowing flexibility for the businesses to manage their responsibilities
  • Personal requirements: Results driven, with a strong sense of accountability A pro-active, motivated approach. The ability to operate with urgency and prioritize work accordingly A structured and logical approach to work Strong problem solving skills A creative and innovative approach to work Ability to work in a team environment The ability to manage large workloads and tight deadlines Excellent attention to detail and accuracy