Vulnerability Management Analyst - IT Security
Sayre, PA 18840 US
The Vulnerability Management Analyst will be responsible for the Identification and Documentation of cybersecurity vulnerabilities to the Healthcare Organization’ s Information Systems and will coordinate remediation efforts with cross-functional teams. This position will be full-time remote.
- Responsible for the overall management of the vulnerability management lifecycle process to include coordination of vulnerability remediation activities with responsible stakeholders
- Serve as the primary point of contact and subject matter expert for all efforts related to vulnerability management
- Facilitate and lead cross functional efforts to drive vulnerability remediation outcomes
- Support the design and implementation of a remediation exception request process, including workflows, alternate control recommendations, requirement documentation, risk assessment and approval processes
- Administer vulnerability management tools and ensure efficacy in identifying, prioritizing, and assigning vulnerability remediation activities to appropriate stakeholders
- Responsible for facilitating of External Security tests by coordinating responses to information requests, serving as the primary point of contact and monitoring for related impact
- Perform periodic internal network, system, and application security testing, reporting all deficiencies to stakeholders and coordinating remediation activities
- Provide periodic and on-demand reports on vulnerability status at strategic, tactical and technical levels of detail
- Participate in and maintain membership to cybersecurity relevant Healthcare industry information sharing organizations such as the H-ISAC
- Keep supervisor informed on areas of responsibility.
- Performs other duties as assigned.
Education, License & Certification:
- Bachelor’ s degree or commensurate experience in a discipline related to information technology or cybersecurity.
- 2+ years of coordinating project efforts
- 3+ years of vulnerability management experience: identifying, classifying, prioritizing, remediating, and mitigating security deficiencies.
- Experience with vulnerability management tools such as Nessus, Qualys, Rapid7, etc.
- Required Licenses, Certifications, and Other Requirements:
- One or more: CISSP, CEH, CISM, CISA, Sec+ or other industry-relevant cyber-security certifications