Proficio is hiring a
Vulnerability Management Analyst

Summary

The job is for a Vulnerability Management Analyst at Proficio, an award-winning MDR services provider. The role involves managing vulnerabilities, conducting attack and breach response tests, and providing threat intelligence reports. The candidate should have 2+ years of experience in a Qualys Cloud environment and honeypot deployment, breach and attack response testing, and threat intelligence research/reporting.

Requirements

• 2+ years experience working in a Qualys Cloud environment
• 2+ years previous work in honeypot deployment, breach and attack response testing, and threat intelligence research/reporting

Responsibilities

• Deploy honeypots using open-source solutions for both on-premises and cloud environments
• Implement and configure security solutions to monitor and detect malicious activities
• Regularly review and fine-tune security policies to ensure they are effective and efficient
• Develop comprehensive threat response runbooks and automation playbooks for streamlined incident handling
• Design and conduct annual attack and breach response tests to evaluate the resilience of the system
• Develop an action plan to address any identified vulnerabilities and track the progress of remediation efforts
• Monitor and analyze Qualys scan findings to provide enriched remediation recommendations
• Offer detailed feedback on disputed findings to ensure accurate vulnerability management
• Execute quarterly automated scans for all external-facing applications (up to 300) and document the findings using PlexTrac
• Achieve 100% scanning coverage of digital assets within the vulnerability scanners
• Maintain an up-to-date asset inventory mapping to reflect the current state of digital resources
• Keep ServiceNow records current to facilitate effective asset and incident management
• Monitor threat intelligence feeds using existing tools and open-source platforms to stay ahead of potential vulnerabilities
• Generate and disseminate advisories within 48 hours of identifying significant threats
• Track and report on the remediation progress of issues highlighted in advisories to ensure timely resolution

Preferred Qualifications

• PlexTrac and ServiceNow experience is a plus
• Education in cybersecurity and / or overall experience in networking engineering, SIEM technologies, and pen testing are all pluses

Benefits

• Opportunity to work in a progressive organization with structured training and roadmap for success
• Health benefits, lunches, gym reimbursement, and internet funding for our India staff!