Infotron Solutions

Vulnerability Management and Incident Response Analyst

Infotron Solutions, San Francisco, California, United States, 94199


Job Overview :

The Vulnerability Management and Incident Response Analyst is responsible for identifying, evaluating, and mitigating security vulnerabilities within the organization's IT infrastructure, systems, and applications. Additionally, the role involves responding to and managing security incidents, investigating breaches, and coordinating with stakeholders to remediate and recover from security incidents. The analyst will work closely with the security operations team and other IT departments to ensure a proactive approach to security threats and effective incident response protocols.

Key Responsibilities :

Vulnerability Management :

Vulnerability Assessment : Regularly perform vulnerability scans and assessments across systems, applications, and networks to identify security weaknesses or misconfigurations.

Risk Assessment & Prioritization : Analyze vulnerabilities based on their risk level (severity, exploitability, and impact) and prioritize remediation efforts in line with business objectives and compliance requirements.

Patch Management : Collaborate with system administrators and IT teams to ensure timely patching and mitigation of discovered vulnerabilities.

Vulnerability Remediation : Work with engineering, development, and IT teams to recommend fixes or mitigations for identified vulnerabilities, tracking resolution progress.

Reporting & Documentation : Maintain comprehensive records of vulnerabilities identified, risk assessments, and the mitigation process. Prepare vulnerability management reports for senior leadership.

Security Best Practices : Stay updated with the latest security trends, tools, and techniques to ensure the vulnerability management program is proactive and effective.

Incident Response :

Incident Detection & Identification : Monitor security events, alerts, and incidents, working with the security operations center (SOC) and other teams to identify suspicious activities and potential security breaches.

Incident Investigation : Lead the investigation of security incidents, collecting and analyzing logs, network traffic, and other relevant data to determine the scope and impact of the breach.

Incident Containment & Mitigation : Work with the incident response team to contain and mitigate security incidents, ensuring minimal disruption to business operations.

Root Cause Analysis : Conduct a thorough analysis of incidents to identify root causes and contributing factors, ensuring lessons are learned for future prevention.

Incident Communication : Provide clear and timely communication to internal stakeholders during an incident, ensuring appropriate escalation and reporting to senior management.

Post-Incident Reporting & Remediation : Document incidents, the response process, and lessons learned. Develop recommendations for improving security posture and preventing similar incidents in the future.

Collaboration & Continuous Improvement :

Cross-Functional Collaboration : Work with IT, development, and legal teams to align incident response strategies and ensure timely remediation of vulnerabilities and incidents.

Security Awareness & Training : Support the development of security awareness programs and training for employees to reduce the risk of social engineering attacks and other common vulnerabilities.

Security Tools & Technologies : Assist in the selection, configuration, and usage of vulnerability management and incident response tools and technologies.

Required Skills & Qualifications :

Strong understanding of vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7) and patch management processes.

Experience with incident response tools (e.g., Splunk, Palo Alto, CrowdStrike) and familiarity with the MITRE ATT&CK framework.

Knowledge of network security principles, protocols (e.g., TCP/IP, DNS, HTTP/S), and security monitoring tools (SIEM, IDS/IPS, firewalls).

Experience with log analysis and forensics (e.g., parsing logs, packet analysis, malware analysis).

Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS, SOC 2).

Hands-on experience in identifying and mitigating vulnerabilities across operating systems (Windows, Linux, macOS) and cloud environments (AWS, Azure, GCP).

Strong communication skills, with the ability to write detailed reports and present technical information to non-technical stakeholders.

This is a remote position.

Compensation: $50.00 - $60.00 per hour