We are seeking a Vulnerability Analyst to support and operate our enterprise vulnerability management program as part of the Cybersecurity team.

Requirements

Operate and manage our enterprise vulnerability management platform, including vulnerability discovery, analysis, and lifecycle management.
Triage and prioritize vulnerabilities using CVSS scoring frameworks in conjunction with internal risk methodologies, threat context, and asset criticality.
Analyze vulnerabilities in the context of known exploits, bugs, and active threat activity.
Apply attack frameworks (e.g., MITRE ATT&CK) to evaluate potential attacker techniques, attack paths, and exposure impact.
Define and maintain technical reporting criteria that align vulnerabilities with appropriate remediation teams and the target operating model.
Partner with infrastructure, application, and platform teams to drive remediation outcomes.
Validate findings and investigate false positives through system, service, and configuration review.
Operate comfortably in Linux-based environments, including command-line troubleshooting and service inspection.
Troubleshoot, optimize, and implement technical configurations and plugin modifications to enhance scanning processes and improve outcomes.
Participate in the Cybersecurity team’s on-call and escalation rotation.

Benefits

We are seeking a Vulnerability Analyst to support and operate our enterprise vulnerability management program as part of the Cybersecurity team.

Operate and manage our enterprise vulnerability management platform, including vulnerability discovery, analysis, and lifecycle management.
Triage and prioritize vulnerabilities using CVSS scoring frameworks in conjunction with internal risk methodologies, threat context, and asset criticality.
Analyze vulnerabilities in the context of known exploits, bugs, and active threat activity.
Apply attack frameworks (e.g., MITRE ATT&CK) to evaluate potential attacker techniques, attack paths, and exposure impact.
Define and maintain technical reporting criteria that align vulnerabilities with appropriate remediation teams and the target operating model.
Partner with infrastructure, application, and platform teams to drive remediation outcomes.
Validate findings and investigate false positives through system, service, and configuration review.
Operate comfortably in Linux-based environments, including command-line troubleshooting and service inspection.
Troubleshoot, optimize, and implement technical configurations and plugin modifications to enhance scanning processes and improve outcomes.
Participate in the Cybersecurity team’s on-call and escalation rotation.