Senior Cyber Vulnerability Assessment Analyst

Project/Role Description

The key is someone who can analyze vulnerabilities in connected devices - such as cameras, badges and come up impact, gaps to be filled etc.

Consultant will perform vulnerability assessment vulnerability assessments and gap analysis of operational technology in conjunction with IT systems. An example of the type of assessment is to see how susceptible operational technologies such as cameras, elevators, badge systems, etc. are to vulnerabilities and if so can they lead to a compromise of other systems on the client's network.

Responsibilities

• Work closely with client's cyber security team to follow standard vulnerability assessment process, compliance requirements and prepare reports based on findings
• Identify gaps in usage of operational technology in conjunction with IT systems and propose options to harden the systems using industry standards, best practices
• Create and update Information Assurance artifacts
• Create and manage Plans of Actions and Milestones, and perform all duties pertinent to the role of cybersecurity operations engineer
• Work closely with various teams to ensure that they understand, appreciate and follow the standard operating procedures (SOP) for cybersecurity in all aspects including infrastructure, connected devices, database, application

Requirements

• 10+ years of experience as a Cyber Security Engineer/Analyst
• Demonstrable experience with vulnerability assessment of physical infrastructure items such as security cameras, badged entry into doors, elevators, wi-fi enabled, network connected conference room cameras etc.
• CISSP/CISM certification preferred
• Experience with IT Compliance and Risk Management Methodologies Cyber Security Framework, NIST Standards (SP 800-53r5), HIPPA, and FISMA.
• Experience with one or more tools such as Netsparker, Tenable, Kenna, Nessus
• Strong knowledge of best practices associated with as well as appropriate authoritative guidance for physical security, security risk assessments, critical infrastructure protection, continuity and contingency planning, emergency preparedness, security awareness, and training
• Strong analysis and comprehension skills
• Ability to provide technical knowledge and information assurance analysis support
• Excellent communication skills
• Ability to work independently and in a team