Security Analyst
Heredia, CR, 40101
GFT Technologies
Wir unterstützen unsere Kunden mit modernsten IT-Lösungen, Technologien und Beratung in der digitalen Transformation.Job Description:
About the role:
Responsible for ensuring that vulnerability disclosure program requirements are followed and adhered to on client applications and system topologies. You will collaborate with security, application, infrastructure and DevSecOps teams to ensure vulnerabilities are identified and managed. You will work proactively with those teams to drive remediation efforts, providing guidance and background information as needed. You will gather and monitor progress on remediation plans. You will collect and report pertinent metrics to your business partners to establish priorities and identify trends.
A day in this role:
- Prioritize newly identified vulnerabilities based upon severity, potential operational impact, exploitation, and other factors to assess risk to.
- Engage with infrastructure and application partners to ensure vulnerability management strategy is understood, agreed to and implemented.
- Support delivery of policy metrics for the vulnerability disclosure program.
- Review vulnerability metrics associated with affected and non-compliant infrastructure and applications, identifying trends and tracking remediation.
- Utilize tracking tools/capabilities in a vulnerability management system to report vulnerability mitigation and remediation progress.
- Act as advisor for secure system implementation and threat mitigation.
- Provide guidance and educate business partners in risk management principles and practices.
- Educate business partners in the need to remove vulnerabilities from the client assets and applications.
- Identify opportunities to enhance existing processes, especially where automation can be applied.
- Drive innovation targeting ongoing reductions in vulnerabilities.
- Proactively review policy to identify enhancement opportunities.
The expertise requested:
- Bachelor’s degree in Computer Sciences or related field or equivalent experience. Candidates with cybersecurity certifications such as CISSP, GSEC, Security+, etc. are preferred.
- Experience with vulnerability disclosure programs and processes.
- Candidates with HackerOne and/or Bugcrowd experience are preferred.
- Experience performing risk assessments and vulnerability analysis to advise business on remediation.
- Passion to work on newer technologies and explore the security domain.
- Excellent problem-solving capabilities.
- Strong written and verbal communication skills.
Our Core values are focus to inclusion and diversity, all qualified applicants will be considered for employment and will go thru a fair recruitment process regardless of their race, religion, gender identity, sexual orientation, national origin or disability status.
Your journey with us begin begins here!!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation CISSP DevSecOps GSEC Risk assessment Risk management Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs