Cyber Security Analyst, Vulnerability Management

We are seeking a proactive and detail-oriented Cyber Security Analyst to join our security team with a specialization in Vulnerability Management. The ideal candidate will have a passion for cyber security and a strong background in identifying, assessing, and mitigating security weaknesses. In this role, you will be instrumental in protecting our organization's digital assets by managing the lifecycle of vulnerabilities from discovery to remediation.

Key Responsibilities

. Analyze scan results, prioritize vulnerabilities based on severity, potential impact, and asset criticality, and provide actionable remediation guidance to technical teams.

. Collaborate with relevant teams to ensure the timely and effective remediation of identified vulnerabilities.

. Track and report on the status of remediation efforts, providing clear and concise reports to stakeholders and management.

. Assist in the development and maintenance of the vulnerability management program, including policies, procedures, and best practices.

. Stay current with the latest cyber security threats, vulnerabilities, and industry trends to enhance the organization's security posture.

. Participate in security incident response activities, providing expertise on potential exploits and mitigation strategies.

. Assess and provide security guidance for AI/ML workloads to mitigate associated risks and vulnerabilities.

. Leverage AI-driven tools to enhance vulnerability prioritization, threat detection, and risk analysis.

. Contribute to the continuous improvement of the vulnerability management program by evaluating and recommending new technologies and processes.

. Develop and maintain documentation for vulnerability management processes and playbooks.

. Develop and deliver training materials and workshops to educate developers on secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and emerging application security threats.

. Any relevant ad-hoc duties within information security team.

Requirements:

. Minimum of 2-3 years of hands-on experience in vulnerability management, application security, or a related cyber security field.

. Bachelor's degree in Computer Science, Information Security, or a related discipline is preferred.

. Professional security certifications are highly desirable (e.g., CISSP, CEH, CySA+, CCSP, CSSLP).

. Proficiency with vulnerability scanning tools (Tenable Nessus, Qualys, Rapid7) and application security testing tools (Burp Suite, Veracode, Checkmarx, or similar).

. Strong understanding of network architecture (e.g., TCP/IP, OSI model), vulnerability scoring systems (CVSS), and security frameworks (NIST, ISO 27001, OWASP Top 10).

. Familiarity with vulnerability management in cloud environments (AWS, Azure, GCP) and AI workloads is a significant plus.

. Strong analytical, problem-solving, and critical-thinking skills with a detail-oriented mindset.

. Excellent written and verbal communication skills, with the ability to convey complex technical concepts to diverse audiences.