JOB DESCRIPTION:

• Understand the technical details of vulnerabilities, explain details to technical and nontechnical audience.
• Recommend compensating and mitigating controls and triage zero day and known vulnerabilities to contain the impact of exploitation of those vulnerabilities.
• Keep up to date with current threat landscape, emerging attack vectors, and vulnerability trends.
• Consolidate vulnerabilities from multiple sources, e.g., vendors, the Cybersecurity and Infrastructure Security Agency (CISA), security researchers, security tools, New York City Cyber Command (NYC3), etc.
• Prioritize the vulnerabilities and identify the impacted systems.
• Understand the Client technologies, architecture, team structures, and culture.
• Support Client with the coordination of vulnerability remediation activities.
• Provide vulnerability tracking and management.
• Perform validation testing of patched systems and applications.
• Provide guidance on threat and vulnerability management best practices and share knowledge with client staff.
• Interface with and respond to NYC3 regarding vulnerability and threat research, remediation efforts, and reporting.
• Perform due diligence on vulnerability remediation requests from NYC3, e.g., if the vulnerability impacts Client systems, severity changes, active exploitation etc.
• Utilize solutions/tools used at Client, such as, but not limited to Armis, Splunk, Secure works, Tenable, and Rapid 7 to Client vulnerabilities (including scans, setup alerts, etc.), and track and validate remediation.
• Track the status of all vulnerability remediation activities in the Client ServiceNow and SharePoint systems.
• Develop and share skills necessary to create correlation searches in Splunk, in accordance with priorities. Strong experience in Splunk is highly desired.
• Work closely with client unit staff to develop correlation searches to match the severity and granularity needed to be effective.
• Provide assistance and expertise for reviewing and interpreting the results of the regular internal and external vulnerability scans.
• Provide assistance to improve the monitoring and analyzing of data from security systems (such as intrusion detection system [IDS/IPS] logs) to determine if there are any patterns indicating a compromised system(s).
• Facilitate the development of working relationships with NYC cybersecurity organizations.

Job Type: Contract

Salary: $60.00 - $70.00 per hour

Benefits:

• Dental insurance
• Employee assistance program
• Flexible schedule
• Health insurance
• Life insurance
• Paid time off
• Professional development assistance
• Tuition reimbursement
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Supplemental pay types:

• Bonus pay

Ability to commute/relocate:

• Boston, MA 02108: Reliably commute or planning to relocate before starting work (Required)

Education:

• Bachelor's (Required)

Experience:

• Splunk: 8 years (Required)
• Secureworks, Tenable, and Rapid 7: 8 years (Required)
• monitoring and analyzing of data from security system: 8 years (Required)
• vulnerability remediation activities: 8 years (Required)

License/Certification:

• CISSP (Required)
• Certified Information Systems Auditor (Required)

Work Location: One location

Please Note :
clarksqn.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, clarksqn.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.