Vulnerability Management Analyst
| Company | Alight |
|---|---|
| Location | California, USA, Texas, USA, Georgia, USA, New York, NY, USA |
| Salary | $72200 – $114500 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Mid Level |
Requirements
- Minimum of 3 years of experience in a Vulnerability Management or related cybersecurity role.
- Expert knowledge of vulnerability management tools, such as Nessus or Qualys
- Ability to analyze vulnerabilities, develop mitigation plans and execute them
- Deep understanding of common vulnerability assessment methodologies and techniques (e.g., CVSS scoring, EPSS, threat modeling).
- Familiarity with security tools such as SIEM (Sentinel, QRadar, etc.), EDR (Defender , CrowdStrike, etc. ), and SOAR platforms.
- Proficiency in scripting languages (Python, PowerShell) for automation.
- Familiarity with cloud security environments (AWS, Azure, GCP).
- Excellent analytical and problem-solving skills.
- Strong communication and documentation skills
- Ability to work as part of a team to identify and mitigate risks
Responsibilities
- Responsible for identifying, assessing, and managing security vulnerabilities in IT systems and the network
- Perform regular vulnerability scans using tools like Tenable Nessus, Qualys. Monitor and analyze vulnerability data from security tools.
- Analyze vulnerability scan results, assess exploitability, and prioritize remediation based on risk impact and business context.
- Work with IT, DevOps, and system owners to track, validate, and verify the remediation of identified vulnerabilities. Assist in validating security patches, misconfigurations, and hardening recommendations.
- Develop dashboards, reports, and risk assessments to track vulnerability remediation progress and security posture.
- Stay current with security technologies, trends, and best practice
- Regularly review vulnerability management policies to ensure that they are effective
- Identify system and network security weaknesses, assess the impact of those weaknesses, and recommend remediation strategies
- Research threats and assess the likelihood that an attack or data breach could occur, as well as developing a comprehensive assessment of potential risks and recommending appropriate countermeasures
Preferred Qualifications
- Relevant certifications such as CompTIA Security+ , GCVA, CVMP or equivalent are a plus.