Vulnerability Analyst Resume Samples
4.7
(80 votes) for
Vulnerability Analyst Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the vulnerability analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Craft your perfect resume by picking job responsibilities written by professional recruiters
Pick from the thousands of curated job responsibilities used by the leading companies
Tailor your resume & cover letter with wording that best fits for each job you apply
Resume Builder
Create a Resume in Minutes with Professional Resume Templates
CHOOSE THE BEST TEMPLATE
- Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS
- Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES
- Instantly download in PDF format or share a custom link.
AR
A Reilly
Antonette
Reilly
3709 Schuppe Isle
Houston
TX
+1 (555) 606 0094
3709 Schuppe Isle
Houston
TX
Phone
p
+1 (555) 606 0094
Experience
Experience
Philadelphia, PA
Vulnerability Analyst
Philadelphia, PA
Beahan-Hermiston
Philadelphia, PA
Vulnerability Analyst
- Guiding the development of information security standards, guidelines, and policy
- Knowledge of industry standard scoring models such as CVSS, CCSS
- Provide technical consultation on application design, architecture and system performance, and evolving technologies
- Conduct research on and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, network security, and encryption
- Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions for standards such as PCI, ISO 27001 and CoBIT
- Responsible for identifying and classifying cyber security vulnerabilities and work on mitigation plans with system owners, ensure plans are documented understood and track the results of the plan execution
- Provide analytical support to critical infrastructure incident response activities led by the Department of Homeland Security (DHS), Office of Cyber and Infrastructure Analysis (OCIA), Analysis Section
Philadelphia, PA
Threat Intelligence & Vulnerability Analyst
Philadelphia, PA
Borer and Sons
Philadelphia, PA
Threat Intelligence & Vulnerability Analyst
- Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
- Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
- Help build/improve an exception process to manage policy compliance deviation
- Perform policy compliance scans and deliver reports to the technology owners
- Work with technology owners to validate the policy compliance profiles Review the policy compliance scan results with stake holders
- Onboard the assets for target technologies in enterprise security tool
- Knowledge of scripting languages like python and Perl
present
Boston, MA
All Source Threat & Vulnerability Analyst
Boston, MA
Osinski, Gutmann and Jaskolski
present
Boston, MA
All Source Threat & Vulnerability Analyst
present
- Perform research and conduct assessments of emerging threats
- Perform all source threat analyses of threats to DC&MA's assets and programs
- Utilize a structured analytical process to identify physical, information, personnel, and operational protection gaps that could provide an adversary with insights into CPI/critical information
- Assist in the valuation and prioritization of assets based on the consequence of loss
- Performs other security related duties as directed
- Ensure compliance in accordance with National Industry Security Program DoD 5220.22-M
- Assist in the integration of assessment of assets, threats and vulnerabilities and assists in weighing the calculated risk against the projected cost of security
Education
Education
Bachelor’s Degree in Mechanical Engineering
Bachelor’s Degree in Mechanical Engineering
Columbia University
Bachelor’s Degree in Mechanical Engineering
Skills
Skills
- Wide knowledge of application and IT product diversity, interoperability, and extensive knowledge in IT security
- Knowledge of vulnerability attack methods, exploit results, attack chains
- Highly motivated self-starter with ability to multitask and complete assignments within time constraints and deadlines
- Strong work ethic and ability to effectively multi-task in a fast paced support environment
- Professionalism, dependability, integrity and trustworthiness combined with a cooperative attitude
- Knowledge of penetration testing concepts and tools
- Experience with vulnerability scanning tools
- Knowledge of network routing and switching
- Knowledge of interrogating networks
- Experience with the Palantir platform highly desired
15 Vulnerability Analyst resume templates
Read our complete resume writing guides
1
Vulnerability Analyst Resume Examples & Samples
- Experienced with modeling and simulation
- Experience with MathWorks MATLAB
- Experience with computer programming, including Matlab
- Experience with engineering or physics
- 1+ years of experience with computer-aided design (CAD) software packages, including SolidWorks
- Knowledge of FORTRAN programming a plus
- Knowledge of Linux and other UNIX-based systems preferred
2
Vulnerability Analyst Resume Examples & Samples
- This role can be located in our Stamford, Chicago, and Alpharetta office or remote
- Analyze vulnerability test reports and suggest remediation / mitigation plan. Includes ability to prioritize process and reporting enhancements
- Use and/or enhance metrics to track the performance and efficiency of the VM (vulnerability management) effort
- Coordinate, manage and conduct network vulnerability tests and remediation with end users; and participate in dynamic/static application code scans/assessments
- Determine deviations from acceptable configurations, enterprise or local policy
- Keep track of new vulnerabilities on various network and infrastructure components
- Utilize both manual methods and automated tools to identify and remediate vulnerabilities
- Provide technical consultation on application design, architecture and system performance, and evolving technologies
- Conduct research on and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, network security, and encryption
- Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions for standards such as PCI, ISO 27001 and CoBIT
- Bachelor’s degree with a minimum 2 years of Information Technology and/or IT security related experience in software security testing, application security architecture, operating system, network, database OR High School Diploma/GED with a minimum of 4 years IT and/or IT security related experience in software security testing, application security architecture, operating system, network, database
- Minimum 2 years of experience with ticket tracking with tools such as ServiceNow or Remedy
- A minimum 2 years of experience performing penetration tests using automated security tools and manual techniques
- Experience of Network Security technology in areas of Firewall, IPS, VPN, gateway security solutions (proxy, web filtering)
- Experience with VM scanning using tools such as Qualys, WebInspect, AppScan, Burp Suite, Nessus, NMAP, Veracode and Fortify
- Experience with Unix and Windows platforms
- Results driven, strategic, conceptual, and innovative thinker
- Understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database
- Knowledge of databases such as Oracle, DB2, MS-SQL
- Programming knowledge of .Net/Python/Perl and strong knowledge of HTML/JavaScript/CSS
- One or more relevant security certifications (e.g. GCIA, GSNA, GCIH, CEH, GIAC)
- Highly analytical, vision and strong problem solving with a common sense approach to resolving problems
- Demonstrated ability to clearly define complex issues despite incomplete or ambiguous information
3
Vulnerability Analyst Resume Examples & Samples
- Intermediate to advanced technical knowledge of, and the ability to recognize, various types of security vulnerabilities
- Broad experience across a variety of platforms and operating systems such as Windows, Linux, UNIX, and OS X
- Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, wireshark, Nessus, NeXpose, BackTrack, Metasploit, AppScan, WebInspect, Burp Suite, etc
- Proficient in network security and patch management
- Proficient in network security architecture
- Intermediate to advanced knowledge of TCP/IP networks, ports, protocols, and infrastructure setup
- Intermediate to advanced knowledge of web server software, including Microsoft IIS and Apache web servers
- Intermediate to advanced knowledge of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
- Understanding of web frameworks, including XML, SOAP, JSON and Ajax
- Proven analytical and problem solving skills, as well as the desire to assist others in solving issues
- Highly motivated with the willingness to take ownership / responsibility for their work and the ability to work alone or as part of a team
- Understanding of C, C#, PHP, and Java
- Working knowledge of ethical hacking methodologies such as Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Penetration Testing Execution Standard (PTES), and/or Penetration Testing Framework
- A minimum of 8 years of IT experience is required
- 2+ years of hands-on, dedicated vulnerability management/ penetration testing / ethical hacking experience / red team
- CISSP, CEH, GCIH, or other security related certification
4
Vulnerability Analyst Resume Examples & Samples
- Configure vulnerability scans, tailored to specific client requirements
- Analyze and understand results to determine existence of security vulnerabilities and identify false positives
- Liaise with ISSO and SIRT for proper Risk scoring
- Produce vulnerability assessment reports and distribute to IT Support teams (for remediation)
- Provide feedback on operational and procedural documentation as required
- Consult with other Internal Areas (roles & responsibilities) as required
- Develop briefing documents for management concerning security posture
- Demonstrate knowledge of IT Security (ITS) interoperability, connectivity and integration issues related to distributed or centralized IT infrastructures
- Understand industry’s current direction as it relates to IT Security, and ensure progressing in accordance to both industry’s direction as well as the Government of Canada’s direction
- Supporting member as required to the Bell MSSO SIRT (Security Incident Response Team)
- Develop weekly, monthly status reports as required
- A Government of Canada Security Clearance of Secret (Level II) or above is mandatory
- Minimum of 5 years professional work experience which must be directly related to the development of information security solutions and/or the analysis of information security event logs, vulnerabilities etc
- Experience in conducting vulnerability assessments
- Experience in managing and operating IT infrastructure with hands on experience on Firewall’s, VPN and other Security appliances
- Analyze IT solutions and technology infrastructure in order to identify and assess security vulnerabilities, threats, and risks
- A security based professional qualification desirable (e.g. CISSP, CISM, CISA)
- Think analytically and synthesize technical information from various sources
- Write detailed technical reports and recommendations in clear language
- Adapt to a changing environment and manage priorities
- Bilingual in French and English would be a strong asset
5
Citi Infrastructure Vulnerability Analyst Resume Examples & Samples
- Deep understanding of OSI model
- Web development and programming or scriptinglanguages i.e. Python, Perl, Ruby, Java, and/or .Net
- Knowledge of tools and processes used to expose common vulnerabilities and implementcountermeasures
- Backgroundin a similar role
- Being familiar with reverse engineering techniques
6
M HIS Threat & Vulnerability Analyst Resume Examples & Samples
- Analyze cyber threats, vulnerabilities and provide remediation plans
- Coordinate with the Incident response teams participating in major and critical security incidents
- Perform detailed analysis of the threat including attacker’s capabilities, intentions, motives, tactics, techniques, tools and apply the knowledge to response activities
- Ability to conduct vulnerability assessments and penetration testing Provides project
- Create scripts and utilities to automate vulnerability scans, analysis and other tasks
- Bachelor’s degree or higher from an accredited university
- Minimum of one (1)+ years of experience with security tools Example (Nessus, KALI Linux, Metasploit) Course work included
- Minimum of one (1)+ years of experience supporting hosted and virtual environments (course work included)
- Cloud Security Experience
- Incident management, escalation and forensic experience
7
Vulnerability Analyst, Senior Resume Examples & Samples
- 5+ years of experience with vulnerability research
- Experience with C programming in contemporary Windows or Linux software development environments
- Experience with reverse engineering Windows applications and Windows kernel modules using IDA Pro, OllyDbg, Windbg, and others
- Experience with implementing cryptographic algorithms
- Experience with developing Windows device drivers
8
Vulnerability Analyst Resume Examples & Samples
- 8+ years of experience with Tenable Nessus, NMAP, eEye Retina, or other scanning tools, SIEM platforms, performing use case development, engineering support, and SIEM architecture development and implementation
- Experience with multiple operating systems, including Windows and Linux-based OS and basic scripting and programming skills in Java, C++, Visual Basic, or other languages required
- MS degree in CS, Information Systems Management, Information Security, or Engineering
- CEH, CISSP, CAP, SANS GSEC or GCIH, CCNA, or Security+ Certification
9
Acas Vulnerability Analyst, Mid Resume Examples & Samples
- 2+ years of experience with IT, including in a network operations center supporting a large-scale IT network
- Experience with designing, documenting, implementing, maintaining, and updating the ACAS tool suite, including Nessus scanners, PVSs, and Security Center
- Experience with implementing STIGs
- DoD 8570.1M IAT III Certification, including CASP or CISSP or Security+ CE Certification with an additional 1 year of experience with Cybersecurity
- Experience with Microsoft Office Word, Excel, PowerPoint, and SharePoint
- Experience with DoD and Marine Corps Cybersecurity clients
- Knowledge of the Information Technology Infrastructure Library (ITIL) framework and employing its processes and procedures to enhance service delivery
- BS degree in a technology field preferred
10
Vulnerability Analyst Resume Examples & Samples
- Bachelor’s Degree and a minimum of 5 years’ experience required for the level 3 role
- Bachelor’s Degree and a minimum of 9 years’ experience required for the role 4 role
- Active Top Secret Security Clearance with SCI eligibility is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment
- Experience with technical operation and administrative leadership in support of cyber vulnerability assessments
- Windows and UNIX operating systems support experience required
- Vulnerability assessment and troubleshooting experience required
- Cyber Security integration
- CISSP certification
11
Threat & Vulnerability Analyst Resume Examples & Samples
- Work with the Threat and Vulnerability Manager and the Security Operations team to develop and maintain a threat and vulnerability intelligence process that monitors for emerging systems vulnerabilities and cyber threats
- Produce weekly and monthly security reporting relating on the Threat and Vulnerability Management services
- Collect, aggregate, synthesize, analyse and report on data from multiple sources and formats. Visualisation of data from the issue management tool into management reports
- Creation and Collection of new data into fields, workflows, issue types within the issue management tool
- Creation of standardised daily reporting processes from the data sets
12
Vulnerability Analyst Resume Examples & Samples
- Responsible for identifying and classifying cyber security vulnerabilities and work on mitigation plans with system owners, ensure plans are documented understood and track the results of the plan execution
- Bachelor's degree and 4+ years of experience in cyber security. Additional experience or certification may be considered in lieu of degree
- Experience in planning mitigations for systems vulnerabilities
- Strong communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel and third parties
13
Vulnerability Analyst, Junior Resume Examples & Samples
- Experience with modeling and simulation
- Experience with computer programming, including MATLAB
- 1+ years of experience with Computer-Aided Design (CAD) software packages and SolidWorks preferred
- Experience with NX, Pro-E, SolidWorks, or CATIA computer-aided design packages
- BS degree in Mechanical Engineering
14
Vulnerability Analyst Resume Examples & Samples
- Operating appropriate vulnerability monitoring tools sets
- Analyse results/events from the monitoring tools sets and assess the risk
- Carry out analysis to determine the root cause of events, and to provide incident response and reporting in support of operational effectiveness
- Analyse virus scanning results and manage/investigate malware outbreaks
- Conduct security testing throughout the IS environment, including testing of external portals used by the company
- Identify key vulnerabilities and patches from external sources and prioritise vulnerability implementation
- Provide security sign off and governance for security devices in the IS environments, including changes to all security devices such as IDS and firewall changes
- Support client facing / end user helpdesk and other IT Support Team’s
- Responsible to the Head of CSOC for the day-to-day aspects of the various Monitoring tool sets within the ITO managed services network environments
- Identify service inadequacies and contribute to the Customer Service Improvement Plan
- Maintain an understanding of current and emerging threats and vulnerabilities and security technology developments
- Assist in the development of an end-to-end vulnerability process, including reporting of vulnerabilities and escalation of critical vulnerabilities
- Candidate will need to become familiar with, adhere to and ensure implementation of all Thales security policies and standards and the change control environment
- Ensuring support tickets are fully updated with the most current data. Provide proper escalations and handoffs to management and support staff
- Ability to understand business issues and context, with the ability to dive deeply into technology issues, integrate business information and understand the critical role of securing the information system in the organisation
- Thorough Data analysis experience and skills
- Knowledge of interrogating networks
- Experience working within a team environment Working within a team
- Some experience either working in a military security background, IT forensics skills and training or a Traditional IT security type role
- Hands on Operational Experience with vulnerability management tools
15
RTB Vulnerability Analyst Resume Examples & Samples
- Support Head of RTBVM with Vulnerability Management and Remediation. Deliver prioritised remediation initiatives in line with the team’s objectives
- Facilitate in risk and vulnerability assessments of applications and systems to ensure technical vulnerabilities are identified and correctly managed
- Ensure that security issues identified during RTB activities are managed, and where appropriate ensuring that RTB vulnerabilities are progressed to BTB projects to ensure appropriate governance to remedial actions
- Assist Risk Owners to accurately assess the likelihood and impact of technical vulnerabilities
- Provide accurate and timely data for technical vulnerability reports as per approved standards and processes
- Prepare intelligent management information sets for the vulnerability exposure position of the production and disaster recovery environments
- Articulation of security risk exposure to Run The Bank stakeholders
- Provide input to Security Solutions for the creation and update of Secure Builds and Secure Building Blocks
- Collaborate with GIS Red Team to capture and oversee the remediation of identified security weaknesses, ensuring these are delivered as BTB project activities where appropriate and adherence to required change governance
- Facilitate in the management of non-compliances to Information Risk Standards and Policies for the RTB teams on security issues identified
- Facilitate in root cause analysis for wide scale vulnerabilities
- IT expertise coupled with understanding of financial services and impacting laws and regulations
- Understanding of principles, practices, and techniques related to IT Security
- Knowledgeable about existing best practices for integration of security controls
- Understands security controls from a people, process and technology perspective. Experienced at implementing or managing risk management processes and tools
- Deliver results which add value
- Working towards security qualification (CISSP or CISM, Security Testing, Ethical Hacker Certification Preferred)
- Relationship, communication and stakeholder management skills
- Working in a team and task prioritisation with a focus on delivery
- Strong Written and Verbal language skills
16
Vulnerability Analyst, Junior Resume Examples & Samples
- 1+ years of experience with Computer
- Aided Design (CAD) software packages and SolidWorks preferred
- Experience with NX, Pro
- E, SolidWorks, or CATIA computer
- Aided design packages
- Knowledge of Linux and other UNIX
- Based systems preferred
17
Vulnerability Analyst Resume Examples & Samples
- Forecasts the effectiveness of proposed countermeasures and evaluates their actual effectiveness after they are implemented
- Develops a strategy to address the most serious potential problems first
- 8+ years’ relevant experience with Bachelor’s degree
18
Vulnerability Analyst Resume Examples & Samples
- Minimum of 1 year experience with enterprise scanning tools
- Minimum of 1 year experience with various Linux, Windows, and BSD-based operating systems
- In-depth knowledge of system configuration baselines
- CompTIA Security+ Certification Required
- CISSP or CEH Certification
19
All Source Threat & Vulnerability Analyst Resume Examples & Samples
- Perform all source threat analyses of threats to DC&MA's assets and programs
- Perform vulnerability analyses of DC&MA's assets and programs
- Perform research and conduct assessments of emerging threats
- Develop threat and vulnerability briefings
- Perform and oversee research of special topics that may arise coincidently to the technical assessments, and prepare structured studies and analyses as appropriate. Prepare synopses, briefings, and summaries of analyses as required
- Assist in the process of selecting and implementing security countermeasures to achieve acceptable levels of risk at an acceptable cost
- Assist in the integration of assessment of assets, threats and vulnerabilities and assists in weighing the calculated risk against the projected cost of security
- Assist in the valuation and prioritization of assets based on the consequence of loss
- Ensure compliance in accordance with National Industry Security Program DoD 5220.22-M
20
Vulnerability Analyst Resume Examples & Samples
- Performing vulnerability watch and processing of incoming vulnerability warnings, alerts and reports
- Overseeing the management of known vulnerabilities through established processes and procedures
- Validating the existence of suspected vulnerabilities by determining where they are located and how they can be exploited
- Verifying that the vulnerability response strategy has been successfully implemented
- Performing regular vulnerability scans of system and applications, writing reports including recommendations for improvements and following-up the remediation process for identified vulnerabilities
- Participating in the definition of security baselines
- Educated to a degree level in Information Technology or equivalent and at least 5 years professional experience
- More than 3 years’ experience in Vulnerability analysis
- The candidate should hold at least one valid certification or be capable of passing one: GCWN, GCUX, GPEN, GCCC, GXPN or an equivalent one recognised internationally
- Fluent in French and English; another European language is a plus
21
Vulnerability Analyst Internship Resume Examples & Samples
- Maintain and execute processes to collect and update vulnerability information to inform customer protection
- Provide support to internal teams and clients as needed
- Information Technology and/or cyber security related knowledge, expertise, or interest
- Interest in learning about classes of software vulnerabilities, appropriate remediation, and industry‐standard classification schemes (CVE, CVSSv2, CVSSv3, CWE, CPE)
- Educational background and interest in systems administration, systems engineering, software development, and/or TCP/IP network administration
- Educational background and interest in a variety of security‐related processes, including secure coding practices, patch management, vulnerability analysis, or IDS/IPS
- Interest in analyzing software vulnerabilities in order to appropriately characterize threat, provide remediation advice, and assign a meaningful severity score/priority
22
Senior Patch & Vulnerability Analyst Resume Examples & Samples
- Responsible for patching assets in development, test and production environments while ensuring quality and minimal impact
- Assess security vulnerabilities to identify appropriate remediation: patching, configuration change, deprecation or exception
- Responsible for adherence to patch management service level agreements (SLAs)
- Provides continual improvement of procedures and standards
- 24/7 support availability required
- Knowledge of security standards/frameworks: NIST, FISMA, RMF required
- Experience with WSUS and SCCM required
- Experience with HEAT Patchlink required
- Proficiency in Windows server and workstation system administration required
- Ability to work with multiple teams toward task completion required
- Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field OR Minimum five (5) years’ experience in IT or a related field required
- Four (4) years’ experience working on project or technical teams preferred
- Four (4) years’ experience performing vulnerability assessments of IT technologies preferred
- Four (4) years’ experience in IT incident management preferred
- Four (4) years’ experience in Windows/Intel administration or Microsoft Certified Systems Administrator (MCSA) preferred
23
Lead Patch & Vulnerability Analyst Resume Examples & Samples
- Coordinates and participates in remediation services to infrastructure teams based on vulnerability and policy compliance scans
- Actively participates in strategic and tactical patch and vulnerability management activities
- Coordinates and participates in proactively developing patch and vulnerability management procedures and processes in conjunction with business and IT teams
- Negotiate, plan and manage patch activities
- Utilize tools to automate patch procedures
- Present patch and vulnerability status reports to IT and Security teams as well as senior management
- Provides leadership, guidance and task assignment to other team members
- Experience with Advanced Installer for creation of packages required
- Experience with SCCM deployments required
- Experience with VMware Virtual Center required
- Ability to work with multiple teams toward task completion
- Excellent written and verbal communication skills required
- Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field OR Minimum five (7) years’ experience in IT or a related field
- Five (5) years’ experience working on project or technical teams preferred
- Five (5) years’ experience performing vulnerability assessments of IT technologies preferred
- Five (5) years’ experience in IT incident management preferred
- Five (5) years’ experience in Windows/Intel administration or Microsoft Certified Systems Administrator (MCSA) preferred
24
Vulnerability Analyst Resume Examples & Samples
- Support strategic infrastructure assessments, analytic agenda development efforts, and assigns relative levels of importance to infrastructure resources in coordination with Federal Leads
- Support development of strategies to mitigate the most serious infrastructure threats and provide consequence analysis
- Collaborate in outreach activities to Federal, State and local government partners (includes coordination with U.S. National Laboratories) and the private sector, including requirements management
- Responsible for the analysis of vulnerabilities of and the consequences if an incident is predicted to occur or has occurred to critical physical and or cyber infrastructure within specific critical infrastructure sectors or FEMA regions. Such analysis may include the development of written risk estimates, products, or quick-turn responses to questions and requirements from senior leaders and executives from the Department, State and local government, and infrastructure owners and operators in the form of: In Response to Your Question, Infrastructure Impact Assessment, Infrastructure Note, Infrastructure Quick Looks or other products developed by OCIA
- 1 to 2 years of relevant experience with Bachelor’s degree; 3 years of experience without a degree
25
Vulnerability Analyst Resume Examples & Samples
- Configure and review scan jobs
- Track and monitor vulnerabilities and EOL status for application ecosystems such as Rails, node.js, Java, etc
- Triage vulnerability reports using data flow diagrams, threat models, and public intel
- Advise system owners and product managers regarding risk, mitigation, and patching
- Develop and publish reports
26
Threat & Vulnerability Analyst Resume Examples & Samples
- Significant practiced experience executing and leading vulnerability assessment and penetration testing engagements. Significant, demonstrated knowledge regarding security vulnerabilities, application analysis, and protocol analysis; with a specialization in at least two subject areas
- Strong analytical and problem solving skills
- Experience devising methods to automate testing activities and streamline testing processes
- Significant experience with Linux and Windows operating systems
- Practiced experience with common programming or scripting languages
- Exploit development experience a plus
- Ability to interpret and prioritize vulnerability scan results into remediation actions, track those actions through to completion, and transfer knowledge to others
- Demonstrated ability to prepare documentation and presentations for technical and non-technical audiences
- Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools)
- Ability to understand and articulate information security risks associated with vulnerability and penetration testing
- Knowledge of patching programs ofmajor hardware/software manufacturers
- Knowledge of secure configuration and hardening of systems
- Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice
- Significant experience with classes of vulnerabilities, appropriate remediation, and industry standard classification schemes (CVE, CVSS, CPE)
- Bachelor’s degree in Computer Science or related field required
- At the manager’s discretion, additional relevant experience may substitute for the degree requirement
- Typically requires 6 years Security Analyst experience with 5+ years experience performing vulnerability assessments and penetration testing
- Experience applying ethical hacker techniques, phishing schemes, emerging logical security threats, and compromised server techniques
- Current CEH, GPEN, CISSP, and GCIA certifications preferred
27
Vulnerability Analyst Resume Examples & Samples
- Wide knowledge of application and IT product diversity, interoperability, and extensive knowledge in IT security
- Knowledge of application development platforms
- Coordinates delivery of project milestones, ensures projects stay on target, escalating and identifying roadblocks
- Must be able to identify, analyze and address problems to resolve issues whenever possible in way that minimizes negative impact and risk to the organization
- Strong work ethic and ability to effectively multi-task in a fast paced support environment
- Ability to work independently on initiatives with little oversight
- Highly motivated and willing to learn
- Must have strong leadership skills and qualities which enable you to work with peers and various levels of management
- Ability to write scripts and query databases to extract and transform data
- Exceptional analytical and critical thinking abilities; Able to develop and convey a point of view
- Knowledge of industry standard scoring models such as CVSS, CCSS
- Knowledge of industry standard data models such as CPE and data normalization tools
- Knowledge of vulnerability attack methods, exploit results, attack chains
- Ability to think strategically and execute against a strategic plan
- Professionalism, dependability, integrity and trustworthiness combined with a cooperative attitude
- Able to thrive in a dynamic team environment
- Individual with desire to learn and teach others, high energy, positive attitude
- Bachelor’s degree or 5+ years work experience in IT
- Knowledge of security research tools, and products
- SANS certifications and CISSP preferred
- Ability to write develop scripts for automating routines
- Ability to develop applications/solutions for enhancing and automating daily routines
- Ability to work with Technical and Non Technical business owners
28
Vulnerability Analyst Resume Examples & Samples
- Prepare and review security assessments for new and existing information systems, applications, and information technology services of Michigan Medicine Service Providers for compliance with U-M and Michigan Medicine policy and procedure, as well as relevant legal and regulatory requirements and security standards
- Use tools and methodology to assess the information security risks associated with sensitive and mission critical systems based on the NIST 800-53 security control framework
- Mentor junior members of the team. This may include reviewing work for adherence to standards, provide coaching guidance, and provide solutions to problems arising during assessments or other projects
- Develop mitigation strategies to bring risk levels into an acceptable range and assist and support the Michigan Medicine Service Providers with those remediation activities
- Identify information security risk areas where further awareness and training is needed
- Compare, evaluate, and recommend improvements in policies, procedures, and technical safeguards to address significant risks to the security of Michigan Medicine information systems and data
- Detect and/or assess the impact of reported vulnerabilities; implement mitigation strategies based on severity
- Identify sensitive data and provide input for proper storage and protection
- Make recommendations and participate in the development of information assurance policies and procedures
- Participate in the development of education and awareness efforts and the timely dissemination of security information to staff and end users
- Lead process improvement and problem management of risk management functions within the Michigan Medicine information assurance team
- Balance and adjust security decisions based on qualified data with an understanding of operational business risks versus security threats
- Build good relationships with teams, and stakeholders at all levels (e.g. management, colleagues, and employees) using strong competencies to build trust, change perceptions, effectively communicate, and influence
- Provide input to the Health System Chief Information Security Officer in the strategic planning and improvement of security service capabilities
- Communicate and coordinate with information sharing and analysis centers (NH-ISAC)
- Collaborate with teams, stakeholders and business partners to understand and implement improvement opportunities
- Ensure parameters are established and monitor process quality and performance metrics; create analysis and trending reports from performance data associated with process operation to influence decisions effectively in areas of risk management solutions and services
- Inspire and influence teams including staff and Health Information Technology & Services business partners to deliver risk management solutions and offerings effectively to the academic medical center’s community
- Continually improve security service solutions and offerings by keeping up-to-date on security conferences, seminars, reading, research, and testing
- Guiding the development of information security standards, guidelines, and policy
- Develop sound relationship with internal and external customers by providing accurate and effective support
- Minimum of 7 years experience in information systems security
29
Cybersecurity Vulnerability Analyst Resume Examples & Samples
- Collects intrusion artifacts (e.g., source code, malware, trojans) and uses discovered data to enable mitigation of potential incidents within the enterprise
- Trouble-shoots moderately complex issues with existing security and privacy protection protocols
- Performs technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, and supporting infrastructure)
- Conducts and/or supports authorized penetration testing on enterprise network assets
- Possess knowledge, experience and understanding of vulnerability management framework and process application.Possess advanced knowledge related to administration, operation, and application of vulnerability scanning technologies
- Detect, identify, and assess network vulnerabilities and system vulnerabilities based on cyber security vulnerability reporting cycles
- Characterize the risk associated with identified vulnerabilities based on the threat impact for a single or combined number of vulnerabilities
- Provide mitigation recommendations on how to eliminate or reduce risk factors based on architectural, network, hardware, firmware, and software configuration approaches
- Prioritize vulnerability finding notification based on the criticality (risk) score of a single or multiple composite vulnerabilities
- Coordinate with organizational and system stakeholders by tracking and reporting periodic (i.e. daily, weekly, etc.…) vulnerability analysis and vulnerability assessment results
- Perform system administration of vulnerability management systems that are used to perform automated and manual assessment methodologies, practices, and remediation
- Test, implement, and deploy the most recent vulnerability scanner configurations to increase the accuracy and improve analysis capabilities of vulnerability management technologies
- Research and present recommendations and approaches to enhance vulnerability remediation techniques
- Documented processes and operational processes, based on best practices to assist in the remediation of vulnerabilities
- Conduct troubleshooting of vulnerability system errors and assist or conduct repairs to return the vulnerability scanning system to service
- Develop and compose vulnerability management system standard operating procedure documentation using best practices
- Partner with colleagues to support Cummins project goals and objectives for safe and secure operations
30
Vulnerability Analyst Resume Examples & Samples
- 4+ years of science and technical intelligence (collection requirements generation and/or work at military department production center)
- Advanced Persistent Threat (APT)
- Vulnerability Assessments
- Knowledge of intelligence threat assessments and vulnerability assessments
- Production of Intelligence Collection requirements
- Experience with the Palantir platform highly desired
- Military experience preferred
31
Vulnerability Analyst Resume Examples & Samples
- 18-36 months Information Technology Security related experience
- Knowledge of network routing and switching
- Experience with vulnerability scanning tools
- Knowledge of penetration testing concepts and tools
- Understanding of Intrusion Detection/Prevention
- Working knowledge of firewalls
- A foundation in Linux/Windows/OSX operating systems
- Independently learns appropriate techniques to apply and adapt new ideas in related, different or changing situations
- Demonstrated excellent organizational, oral and written communication skills
32
Threat Intelligence & Vulnerability Analyst Resume Examples & Samples
- Responsible for providing governance, guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation
- Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
- Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
- Translate Technical Security Standards into policy compliance profiles in enterprise security tool
- Work with technology owners to validate the policy compliance profiles Review the policy compliance scan results with stake holders
- Onboard the assets for target technologies in enterprise security tool
- Create required authentication records for target technology assets in enterprise security tool
- Perform policy compliance scans and deliver reports to the technology owners
- Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response
- Responsible for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures; and to manage the TVM Team to develop and update as appropriate
- Be able to engage with, and manage vendor contracts related to external threat intelligence and threat mitigation services
- Experience with analytical tools SAS or R or Python
- Experience with business intelligence and dashboard generation
- Experience working with big data e.g. Hadoop/Hive/Spark/Splunk. Preferably Splunk
- Expert at Excel
- Exposure to Qualys APIs
- Knowledge of scripting languages like python and Perl
- Understanding of CIS-Benchmark and NIST framework
- In-depth knowledge performing vulnerability management and policy compliance scan
- In-depth knowledge of databases security configuration (Oracle, DB2, Microsoft SQL, MySQL)
33
Vulnerability Analyst, Senior Resume Examples & Samples
- 8+ years of experience with IT
- 5+ years of experience with vulnerability tool configuration, deployment, and engineering and defining policies and procedures based on government best practices
- Experience with virtualization and the concept of containerization, including Twistlock
- Experience with enterprise monitoring systems and SIEM ecosystem components, including IDPS, traditional and next generation endpoint protection, Web or Internet proxy, log aggregation, and NGFW
- Knowledge of networking, including OSI network layers, TCP/IP, firewalls, and load balancing
- Knowledge of installation, configuration and troubleshooting of UNIX or Linux-based environments
- Ability to review vulnerability scans and manage efforts to ensure all internal systems are fully patched and configured compliant with required government or equivalent regulations
34
Vulnerability Analyst Resume Examples & Samples
- Update and maintain the SOPs for the Vulnerability Management Program
- Conduct vulnerability auditing on 100% of DSS Information Systems with the DISA Assured Compliance Assessment Solution (ACAS), current vulnerability auditing solution, or a combination of solutions. Weekly audits will be delivered to the system owners and on demand audits will be performed on devices not accessible during automated vulnerability audits on all DSS enclaves
- Maintain a dashboard on DSS CND SharePoint with current vulnerabilities, IAVMs on DSS computing devices. Include associated ACAS plugins, suspense dates, POAM status, system owners, percentage of compliance, and status
- Maintain a dashboard with the current Security Requirements Guides (SRG) and Security Technical Implementation Guides (STIG) and implementation status on DSS environment. Include associated vulnerabilities, suspense dates, POAM status, system owners, percentage of compliance, and status
- Conduct monthly audits to include but not limited to STIG-SRG, SCAP, and all system vulnerabilities in compliance with mandated DOD directives
- Conduct and report daily audits in support of identity assurance in order to validate user accounts, computer accounts, privileged accounts, system accounts, and report any anomalies to Incident Responders
- Coordinate the assessment of vulnerabilities with system owners
- Provide detail vulnerability reports
- Assist other team members with developing mitigation plans
- Support system administrators with resolution of vulnerability findings
- 2 years’ of Cyber Security experience (0 Years’ with a Master’s degree) with a Bachelor’s degree in a technical specialty: cyber security, computer science, or similar field. Note, we may consider four (4) additional years of relevant experience in lieu of a degree
- Experience with Vulnerability Management in a DoD environment
- Experience working with a combination of ACAS, SRG, STIGs, IAVMs
- Experience with Cyber security policies, operations, and reporting requirements
- IAT-I, II or III IA Baseline Certification (SEC+, CISSP, etc.)
- CND IA Auditor Baseline Certification: (CEH, CISA, GSNA)
- Computing Environment or OS Certificate
- Must possess an active/current TS/SCI clearance
- CEH certification
- CCNA certification
- Familiar with any of the following: Akamai, Splunk, Cisco, McAfee, SCAP, ACAST, F5