Sr. Vulnerability IT Analyst

***This is a contract position and we need only USC ***

• Desired Work Location: Dallas TX or Miramar, FL
• Onsite Requirements: Hybrid it's 2-3 days on site the others remote
• Skill Set required: Vulnerability Management for Enterprise and OT environments.

HOT/Accepting Candidates

Job Title: Senior Analyst, OT Vulnerability Management

Overview

The Senior Analyst, OT Vulnerability Management is responsible for evaluating, rating, and performing vulnerability assessments on assets within operational technology (OT) environments. Responsibilities include conducting vulnerability assessments, analyzing risks, and working closely with cross-functional teams to implement strategies for patch management to mitigate vulnerabilities. The ideal candidate will be a strong leader of people with exceptional understanding and subject matter expertise in OT vulnerability management strategies. They will manage Enterprise and OT-specific vulnerability scanners, as well as create and present meaningful reports to assist teams responsible for addressing vulnerabilities.

Duties and Responsibilities

• Lead regular vulnerability assessments of OT systems, networks, and devices to identify risks to the business
• Develop information security policies, standards, and procedures for the OT Vulnerability Management program
• Coordinate with teams and business partners regarding OT Vulnerability Management best practices for on premise and cloud-based solutions
• Manage and monitor newly announced vulnerabilities and CVEs specific to OT environments
• Integrate threat intelligence into vulnerability management processes to proactively address security risks
• Serve as the OT Vulnerability Management expert and trusted advisor
• Address vulnerabilities quickly and efficiently while ensuring little to no impact on the business
• Develop strategies for the deployment of security patches, updates, and configurations to mitigate identified vulnerabilities
• Develop and maintain OT-specific incident response plans that define detection, analysis, and respond to security incidents with OT-environments and their systems
• Coordinate with other incident response teams
• Work closely with internal teams and OT vendors to assess and address security risks on OT systems
• Assist with Enterprise vulnerability management

Minimum Qualifications

• Bachelor's Degree
• 7 or more years of work experience in IT
• 5 or more years of experience in OT vulnerability management
• Ability to create and influence a Vulnerability Management program at the enterprise level
• Relevant industry experience with a technical background
• Excellent understanding of Windows and Linux operating systems
• Experience with Vulnerability Management methodology
• Deep understanding of OT environments mandatory
• Ability to work with third-party vendors to ensure vulnerabilities are addressed in their applications and/or systems
• Must understand all aspects of an OT environment to include networking, systems, and applications
• Continually follow the threat landscape to stay on top of the latest OT-related vulnerabilities
• Work effectively with technical and non-technical partners in a cross-functional setting
• Effective team player with technical and non-technical personnel in a cross-functional setting
• Work closely with the Security Operations team in performing Purple Teaming exercises
• Must be willing to perform OT environment activities in specified time windows that may include after-hours
• Strong balance of business acumen and technology knowledge
• Excellent verbal/written communication skills
• Self-starter and motivated with deep attention to detail
• Strong team player who can work across multiple functions and lead peers, excellent listener and collaborator who partners closely with others
• Establish and communicate clear priorities and a sense of direction
• Express ideas in a clear, fluent, and concise manner to both technical, and non-technical audiences
• Must possess a pen-testing certification such as OSCP, GPEN, CRTP, CWAPT, etc.
• Act as a mentor to other members of the team
• Critical thinker, Influencer, Facilitator, Problem solver
• Results-oriented, Strategic Thinker
• Good quantitative analysis skills
• Excellent customer service skills in all interactions with internal and external customers, including but not limited to partners from other divisions, vendors, suppliers, across all areas of the business
• Strong planning and organizational skills to work in a fast-paced environment and manage multiple priorities

Preferred Qualifications

Master's Degree a plus to have not required m mmk

Active CISSP or any other related certifications

Specialized Skills and Technologies

Excellent Vulnerability Management skill set

In-depth knowledge of OT-specific and Enterprise vulnerability scanners

Able to assess a vulnerability without scanners if needed

Able to perform OT assessments

3 or more years of experience with utilizing, and managing, an Enterprise vulnerability scanner such as Nessus, Nexpose, Qualys, etc.

5 or more years of experience with utilizing and managing an OT-specific vulnerability scanner