Areas of Interest: Exploitation Analysis, Incident Response, Systems Security Analysis, Vulnerability Assessment and Management
Performs scheduled and ad hoc vulnerability scans. Schedules regular scans of known assets to identify all vulnerabilities and track remediation on sites. Determines if newly released vulnerabilities present high risk to NMHC and performs ad hoc scanning if necessary. Fulfills ad hoc scan requests from business units under the guidance of the Manager and Change Management. Assesses vulnerability scan results: Assess prioritized scan results to ensure accurate completion of scan, Analyze scan results and modify priority by applying NMHC specific value and risk criteria, Draft risk analysis/tickets identifying top priorities for remediation. Coordinates remediation process with IS and asset owners: Open ServiceNow incidents detailing vulnerabilities, routed to appropriate asset owners, Tracks and implements approved exceptions requested by asset owners and confirmed by TVM Manager, Communicates re-evaluated remediations/mitigations that result from the exception process to IS team. Tracks and reports risk reduction based upon remediated vulnerabilities: Creates recurring remediation reports to be distributed to pre-identified consumers, Fulfills ad hoc report requests from business units under the guidance of the Manager, Generate Vulnerability Management Tool and ServiceNow reports for KPI metrics and reporting. Reviews service requests for vulnerability remediation and determines to where/whom to route them: Based upon the reported, prioritized vulnerability, this individual will select the proper team to which the ticket should be addressed in ServiceNow, Monitors tickets that are returned to the TVM team to ensure remediation is verified in the most recent scans, Communicates re-evaluated remediation/mitigations that result from the exception process to IS team. Identifies new assets to incorporate into vulnerability scans/to route to server group for verification: Works with IT infrastructure teams and Change Control to identify new assets to be on-boarded to TVM processing and technologies, Performs network discovery scans based upon active IP ranges to identify all assets, Determines if asset type is in scope for policy compliance (collaborates with IS to verify asset), Constructs and assigns scan profiles to hosts for future vulnerability scanning activities. AA/EOE.
Required: Bachelor’s degree appropriate to Cybersecurity discipline or equivalent combination of education and experience. 1 – 3 years of combined IT and Security work experience with a broad range of exposure to experience In one or more of the following: Responsibility for programmatic vulnerability detection, prioritization, and remediation. Successful implementation of business relevant measures of Information Security effectiveness. Effective leadership of Security incident investigation and resolution. Experience and knowledge of one of the major Vulnerability Management tools: Rapid7 Nexpose (preferred), Nessus, Qualys. General knowledge of one or more Information Security frameworks (HIPAA, PCI, etc.) and industry best practices. Familiarity with Information Security governance, risk and compliance best practices and tools. Certification or courses: Associate of (ISC)²/CISSP, GSEC, GCWN, GCED or CEH a plus. Experience in delivering formal presentations. Excellent verbal and written communication skills.