Vulnerability Management Analyst

Summary

Join Proficio, an award-winning MDR services provider, as a Vulnerability Management Analyst. You will play a key role in enhancing our client's cybersecurity posture. Responsibilities include honeypot deployment and maintenance, threat analysis, attack and breach response testing, vulnerability tracking and remediation, and threat intelligence tracking and reporting. This position requires experience with Qualys, honeypots, breach response testing, and threat intelligence. Preferred qualifications include PlexTrac and ServiceNow experience, along with cybersecurity education or experience in networking, SIEM, and penetration testing. Proficio offers a supportive environment with structured training and various benefits.

Requirements

• 2+ years experience working in a Qualys Cloud environment
• 2+ years previous work in honeypot deployment, breach and attack response testing, and threat intelligence research/reporting
• Work history should include Qualys scanner and agent deployment, scheduling and running of ad hoc and regular environment scans, and remediation review and execution work
• Excellent presentation skills, ability to communicate technical concepts in a clear and concise manner, strong organizational skills

Responsibilities

• Deploy honeypots using open-source solutions for both on-premises and cloud environments
• Implement and configure security solutions to monitor and detect malicious activities
• Regularly review and fine-tune security policies to ensure they are effective and efficient
• Develop comprehensive threat response runbooks and automation playbooks for streamlined incident handling
• Design and conduct annual attack and breach response tests to evaluate the resilience of the system
• Develop an action plan to address any identified vulnerabilities and track the progress of remediation efforts
• Monitor and analyze Qualys scan findings to provide enriched remediation recommendations
• Offer detailed feedback on disputed findings to ensure accurate vulnerability management
• Execute quarterly automated scans for all external-facing applications (up to 300) and document the findings using PlexTrac
• Achieve 100% scanning coverage of digital assets within the vulnerability scanners
• Maintain an up-to-date asset inventory mapping to reflect the current state of digital resources
• Keep ServiceNow records current to facilitate effective asset and incident management
• Monitor threat intelligence feeds using existing tools and open-source platforms to stay ahead of potential vulnerabilities
• Generate and disseminate advisories within 48 hours of identifying significant threats
• Track and report on the remediation progress of issues highlighted in advisories to ensure timely resolution

Preferred Qualifications

• PlexTrac and ServiceNow experience is a plus
• Education in cybersecurity and / or overall experience in networking engineering, SIEM technologies, and pen testing are all pluses

Benefits

• Health benefits, lunches, gym reimbursement, and internet funding for our India staff!
• Opportunity to work in a progressive organization with structured training and roadmap for success
• Experience in one of the hottest IT industries today