Vulnerability Management Analyst

Business Technology Charlotte, North Carolina


Description

Position at Weisiger Group

Join the Weisiger Group Team

As a family-owned company under our fourth generation of leadership, we have built our business based on the principles of trust, integrity, and a desire to help our customers and employees succeed.

Since 1926, we’ve supported the strength of our communities by supplying equipment for critical infrastructure and commerce, and by funding programs that advance social and economic vitality. Being around for nearly 100 years means we change and pivot to capture opportunities and avoid challenges. We make smart investments in our company and continuously improve as part of our vision to be a trailblazing company that’s built to last. 

We’re looking for hard-working, team-oriented professionals who enjoy working on new challenges every day. We believe our employees are the key to our success, and we’re committed to providing a work experience that helps our team grow to their full potential. 

Join a leading solutions provider and be a part of a group of highly skilled technicians, sales and support team members who exist to serve as a trusted partner to our customers, communities, and fellow employees.

Summary

The Weisiger Group Business Technology team is seeking an experienced Vulnerability Management Analyst who has experience with vulnerability management across an enterprise. The Vulnerability Management Analyst will be responsible for scoping, scheduling, scanning, and remediating any vulnerabilities identified.

The Vulnerability Management Analyst is responsible for support for all Cyber Security platforms including firewalls, IDS/IPS, AV and Malware Protection, URL Filtering, and Disaster Recovery technologies with a focus on vulnerability management platforms and patch management. This is a technical role helping assess, plan, and deploy Cyber Security protection platforms. This role will be part of the IT Security Team, interacting with other IT team members as well as various internal customers and external vendors. 

Essential Functions

  • Maintain the Vulnerability Management platform and workstation patching.
  • Responsible for reviewing vulnerability data from multiple sources (i.e. internal / external penetration testing, vulnerability scanning, etc.) across different technologies in a changing environment including server infrastructure, network infrastructure, and applications to determine risk rating of vulnerabilities to business assets.
  • Assist in improving and automating existing vulnerability management lifecycle. Including but not limited, data ingestion & normalization, compliance metrics and detections on assets.
  • Partner with tools and technology teams to troubleshoot, develop, select, implement, and automate appropriate security solutions to keep system data protected from internal and external threats.
  • Work with other business units to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks.
  • Stay current with vulnerability information across all the products in the Weisiger Group environment.
  • Provide technical expertise for vulnerability management projects.
  • Provide analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving roadblocks.
  • Perform reoccurring and on-demand scanning activities of both corporate and cloud environments utilizing enterprise platform.
  • Ensure scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
  • Coordinate with third-party vendors and other organizations in improving the overall scanning and remediation process.
  • Perform Infrastructure Security system maintenance, upgrades, and migrations.
  • Assist with monitoring and investigating security breaches.
  • Partner with other Security & Infrastructure team members for secure architecture configurations and solutions.
  • Evaluate documented resolutions and analyze trends for ways to prevent future problems.
  • Assist with Incident Response Management.
  • Perform any other duties as assigned by Weisiger Group management.
  • Other duties as assigned

Supervisory Responsibilities

This job has no supervisory responsibilities.

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable qualifying individuals to perform the essential functions.

Education and/or Experience

  • IT Security Certifications such as Certified Vulnerability Assessor (CVA), Certified Ethical Hacker (CEH), CIPP (Certified Information Privacy Professional), CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information System Auditor), CISSP (Certified Information Security Professional) or CISM (Certified Information Systems Manager) is a plus.
  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or equivalent combination of education and/or work experience.
  • 3+ years of related experience within cybersecurity professional services, vulnerability management, and compliance monitoring.
  • Strong understanding of Enterprise Patching is preferred
  • Strong understanding of Security Principles is preferred
  • Strong understanding of Social Engineering protections and training is preferred

Skills

  • Demonstrated experience executing cybersecurity vulnerability management, patch management, and analysis.
  • Strong working understanding of the Tenable IO Security Center, Microsoft Intune, and Microsoft SCCM product lines required.
  • Understanding of a variety of technical concepts with focus on cloud computing, automation, systems administration, and information security best practices.
  • Proficiency with PowerShell is strongly desired.
  • Experience in vulnerability scanning, SIEM, penetration testing, network access control, advanced malware protection and/or mobile device management.
  • Experience in design, implementation and operations experience with security technologies that includes, but not limited to: IDS/IPS Firewalls Log Analysis and SIEM Network Behavior Analysis tools.
  • Experience in IT controls monitoring for regulatory and compliance requirements like NIST CSF and PCI DSS / PA-DSS.

Workplace Requirements

The physical demands and work environment described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Physical Demands

While performing the duties of this Job, the employee is regularly required to stand; walk; use hands to finger, handle, or feel; reach with hands and arms and talk or hear. The employee is frequently required to sit. The employee must frequently lift, carry, push, pull and /or otherwise move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception and ability to adjust focus.

Work Environment

While performing the duties of this Job, depending on site location, the employee may be exposed to moving mechanical parts and equipment. The employee may occasionally be exposed to high, precarious places, fumes or airborne particles; outside weather conditions and vibration. The employee may occasionally be exposed to wet and/or humid conditions; toxic or caustic chemicals; extreme cold; extreme heat and risk of electrical shock. The noise level in some work environments is occasionally loud.

We are an Equal Opportunity Employer

We require all employees to treat all our employees and candidates as equals. All personnel actions are conducted in the spirit of equal employment. We’re committed to recruit, train, promote and retain associates without regard to race, color, religion, gender, gender identification and expression, national origin, marital status, age, disability, genetic information, military status, sexual orientation or any other characteristic protected by applicable local, state or federal laws.

#Weisiger

EEO/AA Employer. All qualified individuals – including minorities, females, veterans and individuals with disabilities – are encouraged to apply.