IO associates are looking for a motivated and driven Cyber Vulnerability Analyst ready to take on a new opportunity as part of the Cyber Assurance Team at a market leading global company.
The Cyber Assurance team is responsible for delivering a complementary suite of security assessment, testing and assurance services across all of a global environment. Your role will be to conduct and co-ordinate technical vulnerability assessments across our IT infrastructure, applications and services, providing subject matter expertise recommendations and delivering clear and accurate reports.
We are looking for an individual with experience of the technologies and processes to perform, analyse, assess and report on vulnerability and configuration assessments across a complex, global operating model as well as demonstrating the skills to develop effective and trusting relationships with internal stakeholders.
* Conduct scheduled security vulnerability and configuration assessments across global applications and infrastructure; and provide expert, technical remedial recommendations.
* Configure, operate and support the vulnerability management technologies and toolsets.
* Deliver the analysis and reporting of the organisation's security posture to key internal stakeholders.
* Create and maintain the set of unified key performance and risk indicators aligned to stakeholder requirements.
* Schedule, co-ordinate and manage the engagement process (with internal stakeholders and third-party vendors) for manual penetration tests performed by approved third party vendors.
* Promote and develop vulnerability assurance initiatives across all regions and work to improve existing security services, including the continuous enhancement of existing methodology material and supporting assets
Skills, Experience & Competencies
* A minimum of five years of technical experience with a strong foundational understanding of enterprise system, network and application architectures (including Microsoft, RHL).
* Solid and demonstrable comprehension of end to end vulnerability management workflow to include industry standards such as CVE, CPE, CVSS.
* Direct hands-on experience performing vulnerability scans using third party tools to perform analysis of systems and the reporting of vulnerabilities (e.g. Nessus, Metasploit, Nexpose, Qualys, IBM AppScan)
* Possess, or working towards, professional or industry certifications, such as, CEH, MCSA, CISSP, SANS, and have an understanding of the security principles outlined in OWASP, CIS, NIST and ISO27000.
If this role sounds perfect for you, don't hesitate to submit your CV. Or if you would like to hear more, please contact Peter Barrett by email at P.barrett @ ioassociates.co.uk or call us on 01173 328 100.