Cybersecurity Vulnerability Analyst at DigiOutsource

Why we need you

• We’re on a mission to create extraordinary experiences for our customers, and we believe that your unique skills, passion and superdrive will help us achieve our vision.
• As a Vulnerability Management Analyst, you’ll be supporting the delivery of repeatable, automated and scalable vulnerability management systems and processes, covering windows, linux, 3rd party software and cloud services. This will help us excel by keeping systems modern and secure to stay ahead of the game.

What you’ll be doing

As part of your role, your responsibilities will include:

• Identify, assess and prioritize resolution of vulnerabilities based on risk and known exploits
• Design, implement and maintain robust automated vulnerability detection and remediation processes, including ensuring required scheduled network and system scans are run.
• Review current security controls and compensating mitigation controls for vulnerabilities
• Maintain detailed plans and documentation on vulnerabilities and remediation schedules
• Generate and deliver comprehensive monthly vulnerability management reports, providing insights into risk exposure, remediation progress, and trends. These reports will highlight critical vulnerabilities, compliance status, and risk prioritization to support informed decision-making by key stakeholders
• Ensure adherence to regulations including ISO27001:2022 and Sarbanes-Oxley
• Keep up to date with the latest Tactics, Techniques and procedures and associated risks and attack vectors
• Effective collaboration with technology teams to resolve identified vulnerabilities
• Managing a Configuration Management Database (CMDB) to ensure accurate system inventory and asset relationships, correlating vulnerabilities to affected systems, and collaborating with internal teams to remediate security risks.

This job description is not intended to be an exhaustive list of responsibilities. You may be required to complete other reasonable duties in order to achieve business objectives.

Essential skills you’ll bring to the table

The necessary skills that we require for this role include:

• Strong verbal and written communication skills, with the ability to convey complex ideas clearly and effectively
• Experience working collaboratively in cross-functional teams, with a focus on achieving shared goals
• Expertise in managing multiple projects simultaneously, with a track record of delivering on time and within scope
• Exceptional attention to detail, ensuring high standards of quality in all outputs
• Ability to adapt quickly to changing environments and priorities, maintaining effectiveness in dynamic situations
• CompTia Security+ Certification or other equivalent certificates
• Experience implementing and operating vulnerability scanning solutions, such as Nessus or Qualys
• Experience with Microsoft XDR, Microsoft Endpoint Manager and other Microsoft cloud technologies.
• Experience with Automation using Terraform and Ansible
• Strong understanding of operating systems, including Windows, Linux and MacOS

Desirable skills you’ve got up your sleeve

It would be great if you also have some of the following skills:

• Microsoft SC-200 Certification
• Familiarity in using Kusto query language
• Scripting languages such as PowerShell and Bash
• Strong planning and organizing skills
• Self-motivated and results-oriented
• Curiosity and a continued learning mentality
• Passion for automation and modernization