Junior Vulnerability Management Analyst at SDI Presence
SDI Presence LLC is an IT managed services provider (MSP) and consultancy that leverages its strong team presence to advance our clients to a secure digital enterprise. With a 20-year corporate resume, SDI delivers strategic managed services, IT consulting, and hybrid infrastructure solutions to optimize our clients’ technology environments. SDI is a certified Minority Business Enterprise (MBE), with a portfolio of clients that includes some of the nation’s largest airports, utilities, commercial real estate portfolios, and government agencies. SDI delivers a deep technical presence through a local delivery model to achieve customer confidence and success. Visit us at www.sdipresence.com and connect with us on Twitter and Instagram.
The Information Security Office is responsible for safeguarding the confidentiality and availability of an organization’s assets, including its information, services, and people.
The Junior Vulnerability Management Analyst will assist the Information Security Manager in the management and remediation of identified security vulnerabilities, policy violations and audit findings (legal, regulatory, operational, etc.). The Junior Vulnerability Management Analyst will collaborate with SDI technical staff to remediate vulnerabilities and respond to audits.
- Assist the Information Security Manager in assigning and tracking the remediation of security vulnerabilities
- Represent the SDI technical team for internal audit programs
- Work with the SDI technical team to collect, document and deliver the information required by Auditors
- Maintain all documentation required for security assessments, audits, internal controls, and control testing
- Maintains Incident Response Plan and Incident Handling Procedures related to the SOC and SIEM events.
- Ensure that updated security policies and procedures are posted to the knowledgebase
- Maintain awareness of current security trends, threats, policies, procedures, and best practices.
- Help promote security awareness
- Provide ad hoc reporting
- Assist the Information Security Manager in the management of the security operations center (“SOC”)
- BS/BA degree with two years of applicable experience as a cyber analyst
- Security certification a plus (CISM, CISA, CEH, Security+)
- 5+ years of experience working in a related field: IT Operations, Security Administration, Asset/Risk Management
- 1+ years of progressive experience in securing, protecting, analyzing, monitoring and implementing Cybersecurity tools.
- Working knowledge of IT concepts in Network, Server and Desktop support
- Strong understanding of Patch Management operations (Operating Systems, desktop utilities, device firmware)
- Excellent written communication skills using Excel, Word and Power Point
- Familiarity with controls and control frameworks (e.g. NIST Cybersecurity Framework, NIST 800-53, CIS, HIPPA, PCI
- Ability to work independently and within a larger group of engineers
- Strong knowledge on risk scoring vulnerability issues and their individual severities (CVSS)
- Experience using ServiceNow a plus
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.