Job Description Summary
The VulnerabilityRisk Analyst oversees the assessment of systems andnetworks, and identifies weaknesses or exposures to BD information assets.
The Cyber Fusion Center is a core function of BDSecurity Operations and consists of a multi-disciplined approach that integratescyberthreat intelligence withsecurity monitoring and vulnerability management.
This integration drives the proactive, defensive actions that protect criticaltechnology and data assets. BDSecurityOperations is tasked with safeguarding information assets in support of advancing the world of health.
- Analyze technical vulnerabiltities and attack surface of enterprise computing environment
- Coordinate vulnerability scanning and change management activities with managed service provider.
- Validate/confirm potential vulnerabilities with asset or application owners.
- Evaluate risk when a new vulnerability is identified.
- Manage remediation plans with vulnerable asset or application owners.
- 8+ yearexperience in Information Security
- Ethical hacking principles, general attack stages; specific operational impacts of cybersecurity lapses.
- Demonstrated ability to function in a collaborative environment, seeking continuous consultation with other analysts or experts.
- Ability to communicate complex information, concepts, or ideas.
- Prior experience performing vulnerability scans using Qualys or similar enterprise scanning technology
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacking (CEH), GIAC Penetration Tester (GPEN), or equivalent certification
- Experience with risk management processes such as methods for assessing and mitigating risk.
- Working knowledge of networks, Linux/Unix, Windows administration, patch deployment and system configuration.
- Qualys Certified Specialist - Vulnerability Management, Policy Compliance, Web Application Scanning, AssetView & ThreatPROTECT, and Cloud Agent certifications.
Job ID R-22498