Vulnerability Management Analyst II

Overview:

Oversees and coordinates the vulnerability management process.  Performs vulnerability scans on all systems that connect to the Credit Union’s network.  Works closely with the necessary business, system, and IT owners responsible for protecting the assets of the Credit Union to resolve vulnerabilities in a timely manner.  Provides real-time reports on the status of patching of all systems connected to the Credit Union’s network.  Escalates unresolved vulnerabilities to the appropriate level of management based on risk and responsiveness.  Helps identify false positives and remove them from regular scans.  Sets up authenticated scanning wherever possible on systems.  Evaluates requested exceptions based on risk and makes recommendations for appropriate exclusion from scanning.  Oversees the review of exceptions on a periodic basis.

1. Vulnerability Scanning
   
   

• • Partners with System Owners, Server Admins, and IT Managers in identifying vulnerabilities on their systems primarily through the use of vulnerability management software.
  • Ensures that the Vulnerability Management software is scanning all available hosts on AFCU’s network.
  • Ensures that all scans are completed as scheduled following a risk-based approach for type and frequency of scans.
  • Sets up authenticated scans as often as possible.
  • Works with the Asset Tracking Admin to ensure each host on the network with a vulnerability has an owner.
  • Follows up on any incomplete scans.
  • Troubleshoots and fixes problems related to vulnerability scans.
  • Partners with System Owners and Server Admins with the verification of false positives and adjusts the vulnerability management software scans to omit those.
  • Updates the vulnerability management standards as needed to align with industry best practices.

2. Monitoring

• • Runs regular reports to determine AFCU’s status in their patching efforts and communicates those findings to the appropriate personnel. For example…
    • Uses outstanding patch trending reports to monitor for anomalies in the vulnerability management effort.
    • Follows up with the appropriate personnel when anomalies are detected; documents the reason for the anomalies and facilitates their resolution.
    • Reports outstanding patch trending reports to Security Engineering Department Manager, System Owners, Server Admins, and IT Managers on a regular basis to keep them informed on patching status.
    • Escalates vulnerabilities that are not resolved in a timely manner as per AFCU’s vulnerability management standard.

3. Managing Exceptions

• • Carefully reviews and documents requests for exceptions to the vulnerability management software scans and obtain the necessary approvals for exceptions as per the vulnerability management standard.
  • Updates the vulnerability management software to omit approved exceptions for the regular scans.
  • Periodically reviews exceptions as per the vulnerability management standard.

4. Responsible for related duties as required or assigned.

• • Creates other means for measuring, monitoring, and controlling vulnerabilities and the patching of those vulnerabilities, such as identifies Key Performance (KPI) & Key Risk Indicators (KRIs).
  • Completes special projects as assigned.
  • Assists with security assessments of credit union systems.
  • Assists with the security assessment of various software purchases, external vendors and technology service providers.
  • Supports other IT Department and Security Engineering Department staff as needed.
  • Performs ad-hoc scans as needed.

5. Mentor Vulnerability Assessment Analysts I

Training/Education/Certification:

• Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or related field.
• Two of the following preferred: GEVA, CEH, CISSP, GPEN, GXPN, OSCP, Security +, and/or PenTest +.

Required Knowledge:

• In-Depth, working knowledge of Microsoft platform (e.g.; Server, Workstation), multiple Linux distros, virtual machines, Java, Adobe, Web Applications, WebSphere, networking concepts (Firewalls, Switches, Load Balancers), and Databases (e.g.; Oracle, SQL Server, DB2, etc.).
• In-Depth, working knowledge of IT security/hardening best practices; including but not limited to operating systems (e.g., Windows, Linux), virtual machines, web applications, network devices, and databases.
• In-Depth ,working knowledge of industry standard security best practices and vulnerability management processes.
• In-Depth , working knowledge of scripting languages (python, perl, etc.) and/or programming languages (java, .net, etc.) preferred.
• In-Depth, working knowledge of security standards such as NIST, FFIEC, CIS, PCI, and other control frameworks.

 Experience Required:

• Ten years using vulnerability scanning tools (Qualys preferred).
• Ten years in information security.
• Ten years in information technology.

Skills/Abilities:

• Champion for vulnerability management and information security, including broadening awareness and education of security best practices.
• Strong analytical and problem-solving skills.
• Strong curiosity, initiative, willingness to experiment, and persistence in providing solutions to tough technical challenges.
• Well organized with good verbal and written communications skills.
• Ability to prioritize and plan projects effectively.
• Ability to assist others and share knowledge with other team members.
• Ability to work effectively with cross-functional teams.
• Able to use PC, terminal keyboards, and various computer hardware.
• Self-directed and works with minimal guidance.