Description:
Client is seeking a Vulnerability Analyst, with skill aligned with a Tier 3 Security Analyst, to support our City of Irvine client in Irvine, CA. The contract is a comprehensive IT infrastructure initiative which aims to significantly improve the manner in which the Client’s IT systems are operated, supported, and controlled. The Vulnerability Analyst position is concerned with the Security Services Requirements section of this contract, providing support services associated with (but not limited to) Security Information and Event Management (SIEM), incident response, Intrusion Detectio,n and Intrusion Prevention Systems (IDS/IPS), anti-virus and malware management, and firewall monitoring.
Duties and Responsibilities:
- Performs risk and vulnerability management tasks at the network, system, and application level.
- Runs automated vulnerability scanning tools against all in-scope systems on the network, adhering to a pre-defined schedule.
- Prioritizes vulnerability scan findings; produces and disseminate reports.
- Runs ad-hoc vulnerability scans on an as-needed basis.
- Reviews cyber threat intelligence from multiple external sources; shares relevant threat information with the client.
- Captures Indicators of Compromise (IoCs) for new and evolving types of malware; incorporates IoCs into firewall rules and other control mechanisms, as appropriate.
- Utilizes COTS/GOTS and custom tools and processes/procedures to scan, identify, contain, mitigate, and remediate vulnerabilities, and intrusions.
- Conducts research and evaluates technical and all-source intelligence with specific emphasis on network operations and cyber adversary tactics, techniques, and procedures.
- Conducts investigations into security incidents following defined Incident Response procedures, takes immediate measures to isolate the problem and minimize negative impact, follows escalation procedures as appropriate, creates post-incident reporting to include Root Cause Analysis.
- Analyzes network events to determine the impact on current operations.
- Correlates threat data from various sources.
- Develops and maintains analytical procedures to meet changing requirements and ensure maximum operational effectiveness.
- Implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
- Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.
- Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Performs analyses to validate established security requirements and recommends additional security requirements and safeguards.
- May support cyber metrics development and reporting.