Develop action plans and processes for vulnerability and patch remediation and for risk assessments, and drive execution of any remediation actions.
Develop hardening guidelines for new technologies and applications.
In partnership with the Business and IT groups, the Vulnerability Management Analyst will provide guidance and solutions to facilitate the assessment and alignment of application services, vulnerability management, and risk awareness to the information security objectives.
Define and execute the process for capture, calculation, consolidation, and presentation of vulnerability metrics for the global enterprise.
Maintain vulnerability management policies, procedures, and training.
Perform network and application-based scans to identify possible network security attacks and host-based scans to identify vulnerabilities in workstations, servers, and other network hosts.
Perform comprehensive vulnerability assessments and continuous monitoring across the organization.
Manage the entire lifecycle of vulnerabilities, from discovery through triage, advising, remediation, and validation.
Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to the computing environment, and communicating applicable vulnerabilities and recommended corrective actions to impacted teams.
Research new threats, vulnerabilities, and exploit techniques, and develop new methods of testing new threats.
Be an advocate for and champion best practice security configuration and hardening.
Manage vulnerability-related tickets to ensure issues are remediated within proper timelines.
Bachelor’s degree* in Computer Science, Cybersecurity, or related field required; Master's degree preferred.
Minimum of 5 years IT Security experience required.
Direct experience providing vulnerability and threat analysis, understanding of risks and mitigating controls, and prioritization and coordination of resulting actions using Vulnerability Management tools (e.g., Tenable, Qualys, etc.).
Previous experience with compliance frameworks and their implementation, and with driving an organization to adhere both to compliance requirements and to appropriate security standards.
Knowledge of routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, or network traffic analysis.
Strong knowledge of Vulnerability Management & remediation of OS, App, Network & DB vulnerabilities. Strong knowledge of industry standards regarding vulnerability management including Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE).
Strong understanding of and experience with patch automation, security orchestration, and management tooling for on-premises, private cloud, and cloud infrastructure.
Awareness of industry frameworks and best practices: Threat Modelling, OWASP, SANS Security Model.
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISM), Certified Ethical Hacker (CEH), GIAC Information Security Professional (GISP) or other similar certification preferred.
Ability to develop innovative risk mitigation solutions that address core issues with limited supervision.
Excellent written and verbal communication skills.
Professional demeanor and ability to interface with all levels of the organization.
Olin Corporation is an American manufacturer of ammunition, chlorine, and sodium hydroxide. Based in Clayton, Missouri, it traces its roots to two companies, both founded in 1892: Franklin W. Olin's Equitable Powder Company and the Mathieson Alkali Works. After being headquartered for many years in Stamford, Connecticut, it is now headquartered in Clayton, Missouri.