What are the responsibilities and job description for the Security Analyst position at Jobs via Dice?
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Nexxora Inc., is seeking the following. Apply via Dice today!
Security Analyst Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei
ROLE LOCATION(S) Onshore, SI Office: Alpharetta, GA; Charlotte, NC; Chicago, IL; Conshohocken, PA; Dallas, TX; Denver, CO; Fargo, ND; Garden City, NY; Houston, TX; Lenexa, KS; Lubbock, TX; Morristown, NJ; Mt Juliet, TN; New York, NY; Purchase, NY; Topeka, KS
Hybrid
Role Summary
The Security Analyst is responsible for independently managing third-party vulnerability data sources, executing scans using proprietary Client tools, and collaborating with IT teams to prioritize mitigation efforts. The role involves leveraging vulnerability management tools to generate metrics and reports that track progress and effectiveness. Additionally, the Security Analyst may contribute to reviewing project scopes to recommend security benchmarks, optimizing security tool alerts and policies, and integrating logs and large data sets into existing systems.
Role Responsibilities
Security Analyst Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei
ROLE LOCATION(S) Onshore, SI Office: Alpharetta, GA; Charlotte, NC; Chicago, IL; Conshohocken, PA; Dallas, TX; Denver, CO; Fargo, ND; Garden City, NY; Houston, TX; Lenexa, KS; Lubbock, TX; Morristown, NJ; Mt Juliet, TN; New York, NY; Purchase, NY; Topeka, KS
Hybrid
Role Summary
The Security Analyst is responsible for independently managing third-party vulnerability data sources, executing scans using proprietary Client tools, and collaborating with IT teams to prioritize mitigation efforts. The role involves leveraging vulnerability management tools to generate metrics and reports that track progress and effectiveness. Additionally, the Security Analyst may contribute to reviewing project scopes to recommend security benchmarks, optimizing security tool alerts and policies, and integrating logs and large data sets into existing systems.
Role Responsibilities
- Analyze vulnerabilities from various sources and input them into the vulnerability management tool using approved methods to ensure a complete overview of exposures.
- Evaluate existing vulnerabilities to find problem areas or opportunities for mass-mitigation.
- Communicate with other teams to explain the opportunities or needs.
- Escalate vulnerabilities that have breached our time-to-resolve limits.
- Configure scanning tools and manage scan schedules.
- Collect a set of metrics and KPIs for our departmental use.
- Consider opportunities for AI to improve all of the above.
- Strong familiarity and prior experience with:
- HTTP, PKI and signatures/encryption, SMTP, DNS, CWEs, CVEs, and other frameworks.
- Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei or other scanning tools.
- Web application scanning and web application firewalls.
- Containers.
- CIS benchmarks, STIGs, or other security hardening standards.
- SAML, Kerberos, OAuth, OIDC, LDAP.
- Powershell and Python.
- Jenkins.
- Splunk data onboarding indexes, sourcetypes, data models, forwarders, apps, HECs.
- Azure event hubs, Kafka, syslog.
- Sentinel, Defender, Crowdstrike, or other EDRs.
- Able to research independently using available sources, collect data, then document a clear plan of action,
- Systematic thinking and troubleshooting.
- Able to create clear and detailed documentation of designs and processes for a diverse technical audience.
- Provide clear and concise communication of requirements, priorities, and status.
- Bachelor s Degree in Information Technology or related field is considered a plus, not mandatory.