Armor is seeking a talented and highly-motivated individual to serve as our Vulnerability Management Analyst (VTM). Primary responsibilities in this role will be to perform vulnerability scans and managing the remediation process to ensure the overall security state across our corporate and cloud environments. Working with best of class technologies and leading edge intelligence, this position strives to reduce the surface area of attack.
Vulnerability Management Analyst (VTM) Essential Duties and Responsibilities: (Additional duties may be assigned as required)
* Ability to plan and manage the vulnerability management program, providing input to Security Operations management on strategy and overall assessment of the vulnerability program, to include maintain historical metrics on program effectiveness. * Work with Cyber Intelligence and Friendly Network Forces team on a recurring basis to assess current CVE patching requirements, making recommendations on priority patching for customer and corporate network systems. * Have a view outside of Armor, looking and understanding the changing nature of security threats. * Lead efforts in configuring, monitoring, and managing vulnerability assessments tests. * Monitor and review security and system patch notification systems to identify and manage corrective action. * Lead the consolidation of large sets of data specific to vulnerabilities to apply priorities and risk to the findings. * Able to assess the risk from not only a tactical perspective but also a strategic/global scale and apply these findings to aid in prioritizing remediation efforts. * Develop, deploy, and present Armor's current and historical security state metrics. * Coordinate efforts with the Internal Audit and Information Security organizations to meet and exceed Risk and Compliance requirements. * Research and investigate new and emerging vulnerabilities and participate in external security communities.
* Detailed knowledge of system security vulnerabilities and remediation techniques. * Foundational Knowledge of Linux and Window Server administration and the ability to administer scripting languages including: Python, Bash, Ruby and PHP. * Strong Analytical skills when working with large amounts of data. * Highest ethical standards when handling private and confidential data. * Able to work independently and efficiently to meet deadlines. * Strong desire to work on the front line of Security. * Self-motivated and detail-oriented. * Highly skilled and/or educated in the area of Information Security. * Able to multi-task, prioritize, and resolve multiple inquiries at once. * Creative thinking and troubleshooting. * Excellent communication (oral and written), interpersonal, organizational, and presentation skills.
Education And/Or Experience:
* Experience involving incident response to large-scale attacks and Advanced Persistent Threats a plus. * Security and Technical Certifications: CISSP, CISA, CISM, GPEN (preferred). * Associates Degree or Bachelor's Degree (preferred) and/or 3-5 years of job-related experience.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required:
* Knowledge of and ability to implement technical aspects of PCI DSS 3.2.1, HIPAA, and other compliance standards. * Knowledge of and ability to manage Windows, Linux Servers, Network Devices, Database, Middleware, and Application vulnerabilities. * Knowledge of and ability to administer network and host-based security tools to include penetration testing and ethical hacking products. * Knowledge of and ability to manage vulnerability scans against a range of assets. * Knowledge of and ability to administer scripting languages: Python, Bash, Ruby. * Knowledge of and ability to work with SQL.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment may be in either an office setting, at the company's data center, or at a third-party location for training.
Equal Opportunity Employer
It is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.
About Partners Data Systems
Partners Data Systems is a company that provides storage and backup automation solutions.