Vulnerability Analyst
Amsterdam, Netherlands
Applications have closed
NRB Group
NRB est le plus important groupe IT en Belgique. Nous proposons des services et des solutions informatiques innovantes et de la plus haute qualité.Trasys International offers IT Consulting jobs at the European Institutions and International Organizations.
For a project for one of our client based in Amsterdam, Trasys International is looking for a Vulnerability Analyst.
Your main responsibilities:
• Performing vulnerability watch;
• Processing of incoming vulnerability warnings, alerts and reports;
• Oversee the management of known vulnerabilities through established processes and procedures;
• Triage based on verification, level of exposure and impact assessment;
• Analysing and examining vulnerabilities in hardware or software;
• Validating the existence of suspected vulnerabilities by determining where they are located and how they can be exploited;
• Reviewing source code, using a debugger to determine where the vulnerability occurs, or trying to reproduce the problem on a test system;
• Notifying the various parts of the Contracting or constituency about the vulnerability and shares information about how to fix or mitigate the vulnerability;
• Verifying that the vulnerability response strategy has been successfully implemented;
• Performing regular vulnerability scans of system and applications, writing reports including recommendations for improvements and following-up the remediation process for identified vulnerabilities;
• Providing regular reports and dashboards (based on KPIs) to monitor security improvements;
• Performing penetration tests and writing reports including recommendations for improvements;
• Reviewing the technical security compliance of systems against defined security baselines (gold configuration), writ-ing reports and following-up the remediation process for identified non-compliance;
• Participating in the definition of security baselines;
• Provide activity reports to management to demonstrate service SLA and service quality.
Requirements
- You have a Bachelor's level or 3 years of higher education in a relevant field to the position;
- You have at least 5 years of experience;
- Proven experience with vulnerability analysis;
- You have at least one of the following certifications: GCWN (GIAC Certified Windows Security
Administrator); GCUX (GIAC Certified UNIX Security Administrator); GCCC (GIAC Certified Critical Controls); GPEN (GIAC Certified Penetration Tester); GXPN (GIAC Certified Exploit Researcher and
Advanced Penetration Tester ); GMOB (GIAC Certified Mobile Device Security Analyst); NDS (EC-Council Certified Security and Vulnerability Assessor); ECSA (EC-Council Certified Security Analyst); GSNA (GIAC Certified Systems and Network Auditor); Microsoft Certified System Center Configuration Manager; - You are familiar with the methodologies OWASP, OSSTMM, OCSP;
- Networking (TCP/IP, SNMP, DNS, Syslog-ng, etc.)
- Network vulnerability assessment and penetration testing methods (networks, operating systems, data-bases, web applications);
- Web application development background (C, C#, Java, J2EE, XLM, SAML);
- Good understanding of network protocols , design and operations;
- Good understanding of operating systems, storage, virtualisation, database, web servers security, design and operations;
- Good understanding of the components of a SDLC;
- Cryptography principles;
- Programming in Perl, Python, Ruby, Bash or java;
- You are experience with the following tools/products: Qualys Vulnerability Management; Intel/McAfee Vulnerability Manager; Rapid7 Nexpose; Tenable Network Security Nessus Enterprise; Metasploit; NMAP; WireShark; Burp Suite.
- You are fluent in English.
Nationality and Security Clearance
As a Personal Security Clearance of level "EU SECRET/SECRET EU" might be requested for this profile, only candidates with a valid EU citizenship will be taken into consideration.
We are TRASYS International, NRB Group, an ICT company with over 30 years of a successful track record working with European Institutions and Agencies, offering IT consulting, solutions and services. Our Mission is to help our clients keep up with the challenges of digital transformation by providing the right talent at the right time for the right job. To this end, we are constantly looking for talented professionals who are interested in working on challenging international projects and able to deliver high-quality results within multicultural environments. Our services include (but are not limited to) modernisation solutions, digital workspaces, cloud technologies and IT security. Our Headquarters are in Brussels and we have active accounts and offices across Europe (i.e. Luxembourg, Amsterdam, Athens, Stockholm, Geneva).
Tags: Bash Burp Suite C Clearance Cloud Compliance Cryptography DNS ECSA Exploit GIAC GMOB GPEN GXPN Java KPIs Metasploit Nessus Network security Nmap OWASP Pentesting Perl Python Qualys Ruby SAML SDLC Security Clearance Strategy TCP/IP UNIX Vulnerabilities Vulnerability management Vulnerability scans Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs