Cyber Security Analyst – Vulnerability and Patch Management-Contract

Company Description

Sia Partners is a next-generation consulting firm focused on delivering superior value and tangible results to its clients as they navigate the digital revolution. Our global footprint and expertise in more than 40 sectors and services allow us to enhance our clients’ businesses worldwide. We guide their projects and initiatives in strategy, business transformation, IT & digital strategy, and Data Science.

Job Description

One of our premier clients is seeking a a Cyber Security Analyst specializing in vulnerability and patch management (VPM). The VPM specialist will play a key role in producing regular metrics, KPMs and working with KRIs. They will interact regularly with our vulnerability management data, systems and staff as well as create and follow, on a regular basis, plans of action and milestones.  The Cyber Security Analyst will also be responsible for maintaining process and procedure documentation on all aspects of the VPM program.

Project Length:  9 months

Location: Hybrid- New York, NY

Compensation: This role will compensate between $75-$85/HR depending upon years of experience, education, and relevant certifications. 

Responsibilities

• Ability to focus on our strategic vision and demonstrate a track record to successfully deliver business objectives.
• Provide strong and regular reporting for VPM related topics
• Coordinate with global and local teams address plans of action and milestones
• Calculate and respond to key performance indicators – track mitigations to improve performance metrics.
• Participate in vulnerability assessments and remediation activities, track software and system updates, and strengthen compliance around the use of approved tools and best practices - secure coding guides.
• Network security architecture skills are required.
• Familiarity with security and IT Risk frameworks (COBIT, ISO, NIST as well as FFIEC handbooks)
• Familiarity with Incident response and crisis management programs
• Strong knowledge of SPLUNK, Qualys, Excel and Power Platform for data analytics
• Must be a team player who can work with and cooperate with head office and local cyber security teams (first line of defense) and Information Security Group/Compliance (Second Line of defense) to share information and create a global view of security status.
• Provide backup support for cyber security projects, incidents, action plans, remediation of findings, and audit points.
• Off-hour availability may be required to address emergent threats

Qualifications

• BA/BS in information Security and at least 5-years’ experience.
• At 2-5 years of demonstrated experience in vulnerability management reporting including the oversite of “Plans of Action and Milestones (POAM).
• Experience with SPLUNK
• Experience with vulnerability assessment products: Qualys
• Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the ability to unit test remediations with exploits tools.
• Experience reporting and analysis tools – PowerBI, Advanced Excel/PowerQuery.
• Candidate must possess experience creating management level presentation materials
• SPLUNK, Qualys, clear understanding of key network devices (routers, switches, firewalls, proxies, web gateway, NAC, IDS tools etc), Application Security related OWASP knowledge, Candidate must have strong presentation skills and a business centric view of information security.
• Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP etc.)
• Excellent teamwork skills, ability to collaborate with local staff as well as Paris based staff
• Strong sense of ownership and drive
• Strong organizational and time management skills, attention to detail and ability to manage priorities.
• Able to proactively identify risk and drive remediation, assist with automation and efficient controls design.
• Develop and manage metrics and performance through tracking, reporting and active engagement with management for continuous improvement of our security landscape.  Develop horizontal view of risk posture across multiple technology domains.
• The position will operate transversely across multiple departments - Strong communication and analytic skills are absolutely required.

Additional Information

At this time, Sia Partners does not intend to pursue employment with applicants who require/will require sponsorship for work authorization in the United States (i.e., H1-B visa, F-1 visa (OPT), TN visa, or any other non-immigrant status). Applicants for employment must have work authorization that does not now or in the future require sponsorship of a visa for work authorization.  

Our Commitment to Diversity

Diversity, equity, inclusion, and belonging (DEIB) are part of Sia Partners’ DNA. Thanks to our expertise in several sectors and our international growth, our teams include a variety of experiences and cultures. We’re confident that promoting DEIB creates an environment in which everyone can reach their full potential.

Our global network, DEIB@Sia Partners, brings together our people worldwide to facilitate local and global progress, focused on the following areas:

• Gender equality (global Gender Equality Index score of 91/100 for FY19-20)
• LGBTQ+
• Race & Ethnicity
• Working Parents
• Disabilities

Sia Partners is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.

To learn more about our mission, values, and business sectors, please visit our website.

Sia Partners is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.