The Cyber Threat Intelligence team is a core function of Security Operations and is responsible for continually improving the security posture of the organization through analysis of vulnerability and threat data, engaging key stakeholders with actionable intelligence. The Vulnerability Risk Analyst oversees the assessment of systems and networks and identifies where those systems/networks deviate from acceptable configurations or local policy. Remediation activities are coordinated with stakeholders and reported on overall attack surface and diagnostic metrics. The analyst also measures the effectiveness of the organization's security architecture against known vulnerabilities, modeling potential threats, and their impact.

Qualifications:

EXPERIENCE:

• 3-5 year experience in vulnerability scanning and risk management
• Ethical hacking principles, general attack stages; specific operational impacts of Cybersecurity lapses
• Experience with risk management processes such as methods for assessing and mitigating risk
• Prior experience performing vulnerability scans using Qualys or similar enterprise scanning technology

EDUCATION:

• Certified in Risk and Information Systems Control (CRISC), Certified Ethical Hacking (CEH), GIAC Penetration Tester (GPEN), or equivalent
• Bachelor's degree in Computer Science or Cybersecurity from a designated National Center of Academic Excellence in Information Assurance/Cyber Defense

Key Skills:
Ethical hacking