Analyst, Vulnerability & Threat

Analyst, Vulnerability & Threat Job Summary

The Analyst of Vulnerability and Threat will assist in identifying, assessing, and mitigating cybersecurity vulnerabilities and threats to the organization. This individual will work closely with the manager and other team members to ensure the confidentiality, integrity, and availability of the organization's information assets. As a visible member within the Security team, you will be responsible for supporting the technical direction of security, participating in multiple, complex technical projects, and partnering with other groups within the organization to deliver tools and services that align with our security roadmaps.

Weight % | Accountabilities, Actions and Expected Measurable Results

• Gather and analyze threat intelligence from various sources.
• Correlate data from SIEMs, EDRs, and network telemetry to validate findings and upscale reported incidents to incident response teams.
• Assist in the development and support incident response plans to address security incidents effectively.
• Conduct regular threat assessments and testing, including penetration testing/red teaming to evaluate the organization's security posture.

• Perform in-depth analysis of publicly disclosed vulnerabilities and assess organizational exposure.
• Assess and test the effectiveness of current detection and prevention technologies, identifying gaps and recommending improvements.
• Proactively identify potential threats by developing and executing threat-hunting campaigns across networks, endpoints and cloud environments.
• Leverage threat intelligence, behavioral analytics, and anomaly detection to uncover indicators of compromise (IOCs) or advanced persistent threats (APTs) that evade standard detection tools.
• Refine and create new alerting logic, detection signatures, and playbooks based on hunting outcomes.
• Develop and maintain security documentation and procedures.

• Assist in conducting regular and ad-hoc vulnerability scans and assessments using a variety of tools (SAST, DAST, IAST, etc.) and techniques.
• Analyze scan results and identify critical vulnerabilities.
• Help maintain vulnerability assessment tools and technologies.
• Research and document vulnerabilities based on risk and potential impact.
• Collaborate with IT, Engineering and business units to ensure timely remediation in accordance to SLAs.
• Track remediation progress and ensure timely closure of vulnerabilities.

• Work closely with IT, engineering, operations and other stakeholders to ensure effective collaboration.
• Communicate security risks and recommendations to management and stakeholders.
• Assist in the development and delivery of security awareness training programs.

All must be met to be considered.

Bachelor's degree in Computer Science, Information Security, or a related field or equivalent experience.

Minimum of 1-3 years of experience in cybersecurity, with a focus on vulnerability and threat management.

Relevant certifications such as CEH, OSCP, Security+, or GIAC certifications are desirable.

• Cybersecurity expertise:
  Security principles, vulnerabilities, threats, container security and cloud security (AWS, GCP, Azure).
• Vulnerability and Threat Management:
  Assessment, threat modelling (STRIDE / MAESTRO methods preferred), penetration testing, intelligence gathering and analysis.
• OS Security and Compliance:
  Linux, Windows, Mac, G-Suite, GWS Administration, SOC 2, NIST CSF, SOX, PCI-DSS.
• Technical skills:
  Scripting (Python, Powershell, Bash), incident investigation and response.
• Soft skills:
  
  Communication, interpersonal skills, organization, time management, teamwork, and the ability to work independently in a fast-paced environment.
• Additional requirements:
  
  Occasional travel and on-call availability.

It is the policy of People Inc. to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law.

In addition, the Company will provide reasonable accommodations for qualified individuals with disabilities. Accommodation requests can be made by emailing hr.

The Company participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please : https://(Use the "Apply for this Job" box below)./employees

Salary:
Remote US: $75,000 - $85,000

The pay range above represents the anticipated low and high end of the pay range for this position and may change in the future. Actual pay…