Vulnerability Management Analyst Job Description
Vulnerability management analyst
provides input on security policy and standards for all authorized network devices (Firewalls, IDS/IPS, routers, switches, wireless access points).
Vulnerability Management Analyst Duties & Responsibilities
To write an effective vulnerability management analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included vulnerability management analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Provide administrative support in the modification, design and set-up of applications security
Perform information system security vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components
Perform compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, databases, and other information system components
USCYBERCOM directives
Perform DoD SCVVI tool and manager servers and performing associated monthly and ad-hoc scans as required on the Network Protection Suites (NPS) and DHA owned and managed systems located in the MHS DMZs, MHS Intranet, or MHS Enclaves
Obtain from supported entities required security policy compliance documentation and artifacts
Cyber Security Operations (CSO)
Technology Controls & Compliance
Educate Software Engineers on coding best practices
Perform Cyber Security Audits and Penetration Tests mitigation of Cyber Security Vulnerabilities
Vulnerability Management Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Vulnerability Management Analyst
List any licenses or certifications required by the position: CISSP, GPEN, GCIH, CEH, CISA, CRISC, IAT, CISM, GIAC, III
Education for Vulnerability Management Analyst
Typically a job would require a certain level of education.
Employers hiring for the vulnerability management analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Education, Information Technology, Technology, Technical, Cyber Security, Engineering, Computer Engineering, Business
Skills for Vulnerability Management Analyst
Desired skills for vulnerability management analyst include:
IDS/IPS
DNS
TCP/IP and other common networking concepts and protocols
Tunneling
Access control
Network defense components
Networking concepts and devices
Operating system and database security
Applications
NIST
Desired experience for vulnerability management analyst includes:
At least Bachelor’s degree in technology-related field, or in computer science with a specialization in telecommunications, or the equivalent
Ability to perform analysis and reporting of information from multiple data sources using data mining technique for the purpose of documenting analysis results, produce report and present to technical and executive stakeholders
Linux and Windows Administration Skills
At least one year experience in information security, security operations
Working knowledge of security testing tools and methodologies, including vulnerability assessment and penetration testing tools, and associated result analysis
Understanding on methodology used for developing proof-of-concept exploit examples to use within reports or live demonstrations
Vulnerability Management Analyst Examples
1
Vulnerability Management Analyst Job Description
Job Description Example
Our growing company is looking for a vulnerability management analyst. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for vulnerability management analyst
- Help Vulnerability Management (VM) Team for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures
- Oversee the coordination of security incident response events
- Participated in the calls to resolve information security incidents including internal events and targeted threats
- Automate the vulnerability management process to improve operation efficiency
- Analyze patch and vulnerability information for Vulnerability Management processes
- Interface with Internal customers and Agency contacts for Vulnerability Management issues
- Provide basic/initial customer response to computer security incidents
- Monitor intrusion detection systems and other cyber security dashboards
- Research, evaluate, and assess emerging cyber security threats, incidents, and vulnerabilities
- Work with the program manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities
Qualifications for vulnerability management analyst
- Work experience with vulnerability assessment tools like Qualys, Foundstone, Rapid7, Nessus and similar
- Secure Code Application Testing tools
- Network Technologies (routers, switches, wireless)
- Minimum 6-8 years of IT security experience such as penetration testing, vulnerability scanning, security audits, configuring and managing security systems
- Experience writing scripts in PowerShell, Ruby, Python, BASH
- Degree in Information Systems, Computer Science or a related field is required
2
Vulnerability Management Analyst Job Description
Job Description Example
Our company is growing rapidly and is looking for a vulnerability management analyst. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for vulnerability management analyst
- Solve basic or repetitive problems
- Perform implementation tasks for systems and networks under supervision
- Perform system and network upgrade tasks under supervision
- Complete orders of vendor services designed and configured by senior team members
- Compile data in support of equipment and user relocations or system migrations
- Perform simple configuration changes to meet business requirements under supervision
- Compile and collect capacity data to be used for planning purposes
- Perform documented preventative maintenance routines under supervision
- Respond to level 3 &4 change and problem requests with supervision
- Investigate and resolve scan and network related issues
Qualifications for vulnerability management analyst
- Information technology and/or cybersecurity experience
- Good understanding of security / vulnerability scanning tools (eg
- Proven ability to drive change in an organization
- Systems Administrator (SA) level of technical ability on at least one platform eg
- Database Administrator (DBA) level of technical ability on one of eg
- Experience with visualization tools – eg
3
Vulnerability Management Analyst Job Description
Job Description Example
Our company is growing rapidly and is looking for a vulnerability management analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for vulnerability management analyst
- Vulnerability discover, analysis and risk rating
- Analysis of vulnerabilities disclosed by vendors, internal/external sources, and vulnerability and intelligence feeds
- Monitor news and intelligence feeds on a daily basis to proactively identify vulnerabilities that may impact the organization
- Provides analysis of vulnerabilities to other team members to assist with overall vulnerability remediation efforts
- Conduct analysis of various data sets in Excel, Splunk, and other enterprise tools to assist with identification of issues within the environment
- Support the identification and impact classification for new vulnerabilities identified in the environment
- Execute and support vulnerability assessments
- Provide Vulnerability Management (VM) team information on the emerging Enterprise vulnerability landscape, in collaboration with the CyberSecurity Operations organization
- Brief VM leadership on vulnerability assessment results and potential risks
- Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function
Qualifications for vulnerability management analyst
- Bachelor’s degree in related field or military experience with equivalent work experience is required
- Bachelor’s degree in Information Technology or Information Security
- At least 3+ years of experience with Linux command lines tool
- Experience in an information security related field (cyber risk), prior experience with Qualys or other vulnerability scanning and patching tools is preferred
- Maintain or willing to pursue certification in an information security related field
- Ability to automate the vulnerability data management and reporting process using scripting languages (Python, Perl, Unix Shell, VBA)
4
Vulnerability Management Analyst Job Description
Job Description Example
Our growing company is looking to fill the role of vulnerability management analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for vulnerability management analyst
- Produce actionable intelligence in the form of reports, notifications, and alerts
- Develop mitigation and countermeasure plans from collected threat intelligence
- Perform analysis of security issues and/or vulnerabilities
- Maintain knowledge of security trends and threats
- Provide subject matter expertise for relevant Cybersecurity technologies
- Develop metrics and capabilities to ensure effective vulnerability management
- Executing the vulnerability lifecycle management strategy across the organization
- Configuring, scheduling and executing vulnerability scans, and delivering scan reports
- Establishing relationships with system owners and business process partners for the purposes of ensuring that identified vulnerabilities are remediated in accordance to established timelines
- Working with cross functional teams and internal users to enforce technical security standards by providing assistance in applying established standards to projects
Qualifications for vulnerability management analyst
- Executing penetration tests against network, web, and mobile assets
- 1 year of experience in corporate IT environment or equivalent
- Experience supporting operational IT security requirements or equivalent security training/education, preferred
- Experience with vulnerability assessment and administering vulnerability scanning tool, preferred
- Bachelor's Degree in Computer Science, Mathematics, Engineering or similar area of study preferred
- Understanding of cyber security and risk management best practices
5
Vulnerability Management Analyst Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of vulnerability management analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for vulnerability management analyst
- Researching the threat landscape to keep abreast of vulnerabilities specific to the organization’s IT environment
- Acting as information security subject matter expert whilst participating in projects that are delivering or changing IT systems
- Executing ad-hoc information security tasks as required by information security leadership
- Participate in CSARC (Cyber Security Analysis & Response Center) operations support and incident handling
- Research security testing tools, techniques, and processes
- Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities
- Recommend approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes
- Monitor team mailbox and ticketing system to ensure proper steps are taken for all identified vulnerabilities and support of the Security Operations Center (SOC)
- Promote collaboration with our stakeholders and Red Team researchers to prioritize the remediation of vulnerabilities and close potential attack vectors
- Understand asset criticality and the identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected
Qualifications for vulnerability management analyst
- Certifications such as CISSP, CEH
- Coding/Scripting experience Perl, VB Script, Python, Bash, Shell
- Knowledge of OWASP tools and methodologies, web application assessments, and system development lifecycle (SDLC)
- A minimum of 5+ years of vulnerability assessment experience
- Technical security certifications preferred, such as GPEN, CISM, and/or CISSP
- Prior experience executing vulnerability assessment activities such as vulnerability scans, penetration tests, web application security assessments, and application security code reviews