Vulnerability management Analyst - Hybrid

Description:

Technical Proficiency:

• Vulnerability Assessment: Experience conducting vulnerability assessments using industry-standard tools such as Nessus and Rapid7. Proficient in identifying, categorizing, and prioritizing vulnerabilities across networks, systems, applications, and cloud platforms.

• Risk Analysis and Management: Skilled in applying risk frameworks to analyze threat landscapes, estimate potential impacts, and design practical risk mitigation strategies. Adept at translating technical findings into business risks for executive stakeholders.

• Security Architecture Review: Demonstrated ability to review and evaluate infrastructure and application architectures for security gaps, recommending controls and improvements to strengthen resilience against attacks.

• Incident Response Support: Familiarity with incident detection, investigation, containment, and remediation, supporting security operations teams with actionable vulnerability and risk intelligence.

• Threat Intelligence Integration: Ability to consume, analyze, and act upon threat intelligence feeds and advisories, correlating external threat data with internal findings to enhance situational awareness.

Professional Experience:

• Program Support: Supported vulnerability management programs, coordinated and ensured timely remediation of critical findings. Supported delivery of projects within scope and budget, contributing to organizational security posture improvement.

• Policy and Procedure Development: Authored and updated vulnerability management policies, risk assessment templates, and reporting standards, aligning with regulatory and compliance requirements (e.g., GDPR, HIPAA, PCI DSS, SOX).

• Audit and Compliance: Supported internal and external audits, providing evidence for vulnerability scans, risk assessments, and remediation efforts. Ensured controls were effectively designed and operating as intended.

• Metrics and Reporting: Developed dashboards and reports for senior management, visualizing trends in vulnerabilities, threat activity, and risk levels. Used data-driven insights to support strategic decision-making and resource allocation.