We are currently seeking an Analyst, Threat & Vulnerability Management. This position will report to the Manager, Threat & Vulnerability Management of Realogy’s Cyber Security & Incident Response Team.
The Analyst, Threat & Vulnerability Management will ensure that vulnerabilities are properly and timely identified with the goal of keeping Realogy’s infrastructure secure. This includes monitoring Vulnerability Management processes for performance, coordinating scanning schedules, risk acceptances, and serving as an administrator of the Vulnerability Management tool.
- Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration.
- Able to successfully partner with other security and IT infrastructure professionals to assess potential impact from vulnerabilities specific to Realogy’s environment and determine appropriate mitigating controls.
- Using a risk based approach, analyze Realogy’s vulnerability data against open / closed information sources to best prioritize vulnerability hygiene activities.
- Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a an acceptable level based upon Realogy’s policies and standards.
- Understands basic network terminology and common protocols.
- Assist the team with Application and Penetration Testing coordination.
- Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner; across traditional infrastructure and in cloud environments.
- Ability to fully understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs.
- Review and/or escalate exception requests submitted to the TVM team.
- Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions.
- Assist the team to maintain appropriate documentation that defines the Threat & Vulnerability Management Program, policies, and procedures.
- B.S. in Computer Science or equivalent field.
- CISSP, GCTI, or similar industry certification.
- 3-5 years of experience in Vulnerability Management or related field.
- Strong knowledge of Qualys, including configuration and maintenance, scan execution, cloud agent deployment and oversight.
- Detailed knowledge of the Vulnerability Management process including vulnerability identification, false negative/positives identification & elimination.
- Knowledge of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP).
- Basic knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, GDPR, ISO 27001&27002).
- Knowledge of technology and security topics including operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
- Knowledge of Cloud technologies such as AWS and Azure a plus.
- Previous experience working in large scale environments with diverse technologies is a plus.
- Knowledge of applicable scripting languages desired.
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here. Cyberlinx does not own the logos from employers or jobs posts