We are seeking to hire a Vulnerability Management Analyst in Houston, TX (prefer local candidates)
Key Responsibilities
- Support the team in developing and maintaining vulnerability management policies, procedures, and workflows.
- Contribute to vulnerability assessment reports for assigned Business Unit.
- Collaborate closely with digital technology teams to understand their workflows, priorities, and constraints related to vulnerability remediation.
- Develop clear and concise communication plans to inform end users about upcoming remediation activities, including expected impacts, timelines, and actions required.
- Identify and distinguish Business Unit assets from corporate assets within the Tenable system.
- Utilize Tenable to drive remediation plans and to identify weaknesses such as missing patches, misconfigurations, and other security vulnerabilities.
- Analyze scan results generated by Tenable to prioritize vulnerabilities based on severity, potential impact, and exploitability.
- Adhere to Service Level Agreements (SLAs) and Key Performance Indicators (KPIs).
- Develop clear and comprehensive standard operating procedures and corresponding documentation in flowchart and other standard Microsoft documents.
- Provide weekly status summarizing progress and key findings.
- Stay informed about emerging security threats and vulnerability trends.
Required Skills and Experience
- Knowledge of vulnerability assessment tools and techniques
- Familiarity with common security vulnerabilities and mitigation strategies
- Basic understanding of information security concepts and common vulnerabilities
- Strong analytical, critical thinking and problem-solving skills
- Excellent coordination and communication skills, with the ability to effectively liaise with cross-functional teams and stakeholders
- Knowledge of Windows and Linux operating systems
- Eagerness to learn and grow in the field of cybersecurity
Preferred Skills and Experience
- Familiarity with vulnerability management tools, e.g. Tenable and processes
- Relevant security certifications such as CISSP, CISM, or CEH
- Familiarity with ServiceNow Vulnerability Response, including experience leveraging the platform for incident response, ticketing, and asset management within security context.
- Understanding of regulatory compliance requirements and/or frameworks related to cyber security, e.g. GDPR, HIPAA, PCI DSS, NIST CSF
This is a 12+ month project with the possibility of multiple extensions.