Connecting to LinkedIn...

Vulnerability & Remediation Analyst

Job Title: Vulnerability & Remediation Analyst
Contract Type: Contract
Location: Hampshire, United Kingdom
Industry:
REF: 1524
Contact Name: Mark Gale
Job Published: 4 months ago

Job Description

Vulnerability & Remediation Analyst – Hampshire – SC cleared

Based within this leading organisation you’ll be undertaking Vulnerability and Remediation Analysis. You’ll have a proven background in reviewing, mitigating and remediating configured large IT systems from known vulnerabilities and a practical background in Networks and Software System Security.

 

Primary responsibilities:

  • Review of expert findings alongside a Technical Assessment of reported vulnerabilities identifying mitigating and remediating solutions.
  • Review of suppliers’ Security Patching proposals challenging and supporting Security Patch Levels
  • Liaising with internal teams, suppliers and customers in the generation of revised Requirements Specifications.
  • Establishing and review of Test Procedures for use in verifying compliance for mitigation and remediation of vulnerabilities.
  • Managing the execution and witnessing of security verification activities, including direct hands on execution or as required the management of independent / 3rd party audit.
  • Tracking conclusion of mitigation and remediation activities, reporting on vulnerability status folding back into a project Risk Register.
  • Work closely with the Security Manager.
  • Some overseas travel may be required

 

Secondary responsibilities (supporting additional team):

  • Technical Assessment of the Risk Exposure from identified vulnerabilities against a Threat Catalogue.
  • Identification of mitigations, moderating risk exposure.
  • Generation of Risk Reports.
  • Liaising with our Customer in support of corroborating status and review of the Risk Analysis.
  • Supporting Accreditation Datapack generation.
  • OS Lockdown definition, implementation and validation.

 

You need to demonstrate extensive experience and be able to operate on solo activities and also within multi-disciplined teams from engineering and security management.

 

Essential skills:  

  • Report Writing and Technical Presentation
  • An understanding of Vulnerability and Incident management (analysis, assessment, mitigation).
  • Understanding Network Security: ACLs, Firewall Rules, DMZs
  • An understanding of Network attack Methodologies
  • Linux and Windows operating Systems, specifically Security enforcing mechanisms.
  • Virtualisation technologies.
  • Experience of nmap / Nessus and related Security Toolkits e.g .Kali Linux
  • Compliance/Audit experience.
  • CISSP or related certification

 

Desirable skills:

  • Security Risk and Threat Analysis
  • DOORs Requirements Management; MS Office
  • OS Lockdown principles

 

6 month initial contract, SC clearance required