Job Description
Job Objectives
- A Threat Intelligence & Vulnerability Management Analyst is responsible for identifying, analyzing, and mitigating security threats and vulnerabilities within an organization.
- The analyst conducts vulnerability assessments, prioritizes risks, and collaborates with IT and security teams to implement remediation measures.
- Typically, they report to the company’s Chief Information Security Officer (CISO).
Duties & Responsibilities
- Analyze and communicate emerging threats, including malware trends, tactics, and techniques.
- Conduct regular and on-demand vulnerability assessments across systems, applications, and cloud environments.
- Security Tool Management: Perform vulnerability scans using tools like QualysGuard to identify weaknesses in the organization's IT systems.
- Regularly test patches and configuration changes to validate their effectiveness against identified vulnerabilities.
- Incident Response: Support incident response teams by identifying vulnerabilities exploited during attacks.
- Security Analysis: Analyze security data to identify trends, patterns, and anomalies, providing actionable insights to mitigate risks.
- Assess and prioritize vulnerabilities based on exploitability and potential impact, ensuring remediation timelines are met.
- Collaboration and Communication: Work closely with IT and security operations teams to ensure vulnerabilities are remediate effectively and threat intelligence insights are actionable.
- Document and deliver detailed vulnerability assessment reports and threat analysis to technical and executive stakeholders.
Requirements
- Education: Bachelor’s Degree in Computer Science, Information Security, or related field.
- Experience: 4 - 5 years of experience in Information Security, network security, or a similar role in a security operations environment.
- Technical Skills: Familiarity with frameworks such as MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain for mapping adversary behavior.
- Hands-on experience with QualysGuard vulnerability scanners along with strong knowledge of Security Information and Event Management (SIEM) tools like Alienvault.
- Proficiency in scripting languages such as Python, PowerShell, or Bash to automate tasks, including threat data collection and vulnerability scanning.
- A deep understanding of networking fundamentals, including TCP/IP, DNS, HTTP/S, and other common protocols, combined with a solid grasp of threat intelligence platforms and methodologies.
- Certifications: Relevant certifications like CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker CEH), or GIAC Security Essentials (GSEC) etc.
- Soft Skills: Strong analytical and problem-solving skills, attention to detail, effective communication.