Logo
Open Systems Technologies

Vulnerability Management Specialist

Open Systems Technologies, New York

Save Job

Job Title: Vulnerability Management Specialist

A financial firm is seeking a Vulnerability Management Specialist in Iselin, NJ or NYC.

Compensation: $105-110k

Responsibilities:

  • Develop and implement the firm's IT Strategy in collaboration with IT teams, ensuring alignment with overall business objectives.
  • Research and evaluate new security products and services to ensure the firm is equipped with industry best tools and solutions.
  • Operate controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection, especially focusing on cloud deployments.
  • Conduct IT Security risk assessments for high-impact projects, defining controls to mitigate risks impacting technology architectures, service providers, and partners.
  • Review and update IT Security procedures to reflect best practices and address emerging threats.
  • Manage IT Security Monitoring and Response, addressing FRB and Internal Audit findings with timely resolutions.
  • Maintain relationships with third-party IT security vendors and strategic partners.

Vulnerability Identification:

  • Use automated tools to perform regular scans on networks, applications, and endpoints.
  • Stay updated with vulnerability databases (e.g., CVE) and emerging threats to identify new vulnerabilities.

Vulnerability Assessment:

  • Assign severity ratings to vulnerabilities using frameworks like CVSS.
  • Assess the potential impact of vulnerabilities on the business, including exploitation likelihood, data loss, and operational disruption.

Vulnerability Remediation:

  • Coordinate patch management with IT and development teams to apply updates.
  • Implement configuration changes to reduce vulnerability exposure where applicable.

Qualifications:

  1. Experience with virtualized and cloud platforms such as AWS, Azure, or Office 365.
  2. Bachelor's degree in Computer Science, Cybersecurity, or related field.
  3. Experience conducting vulnerability scans using tools like Nessus, Qualys, or Rapid7.
  4. Ability to analyze vulnerabilities, assess impact, and recommend mitigation strategies.
  5. Coordinate patch management using tools like WSUS, SCCM, or Ansible.
  6. Assist in security incident investigations and provide vulnerability mitigation expertise.
  7. Generate detailed vulnerability reports and communicate findings effectively.
  8. Ensure compliance with security standards and regulations.
  9. Develop and maintain vulnerability management policies, procedures, and response plans.
  10. Participate in continuous improvement of vulnerability management processes.
  • Security certifications such as CISSP, GIAC GSEC, GCED, GCIA, GCIH, GREM, GCFR, or equivalent are preferred.
  • Knowledge of incident handling frameworks such as ISO 27035, SANS, NIST SP 800-61, CERT, ENISA.
  • Experience with scripting and automation tools like Python, PowerShell, and familiarity with operating systems and configuration management tools like VMware, Puppet, Chef, or Ansible is desirable.
#J-18808-Ljbffr