Vulnerability Management Analyst

Key Skills

• Able to write reports SOPs, playbooks, and process documents.
• Able to use Microsoft Office i.e. Word, PowerPoint, Excel products to generate documents.
• Ability to use Vulnerability Disclosure Platforms, they are currently using BugCrowd, other industry tools to look for are HackerOne
• Ability to support verification of vulnerability, remediation, and closure
• Understand IV&V process and how to correlate risk from Penetration Testing and reports from the VDP
• Provide recommendations on how they could improve the VDP and VM programs.
• Understand Software as a service (SaaS) environments including Azure and Oracle Environments
• Understand Infrastructure as a Service (IaaS)
• Need experience with ServiceNow GRC module.
• Need experience with ServiceNow Security Operations (SecOps)
• Need experience with ServiceNow SecOps Vulnerability Response Module
• Need to know how to run vulnerability scans (hands-on experience)
• Tenable Nessus
• DBProtect
• WebInspect
• Accunetix
• Need automation skills: Support automation of feeding vulnerability scanning results into SeviceNow correlating results to assets, providing analytics, and dashboards
• Available to support IR during office hours