Cybersecurity Specialist

6 days ago

Chelsea, Massachusetts, United States Mass., Inc. Full time
About the Role
Massachusetts, Inc. is seeking an experienced IT Security Analyst II to join our Security Operations Team as a SOC Vulnerability Management Program (VMP) Security Analyst II. This role will provide security vulnerability scanning, reporting, tracking, remediation, and analysis through continuous evaluation and prioritization of scan results.

About You
We are looking for a skilled IT professional with at least two years of experience in information technology security providing technical guidance across systems, networks, and applications to vulnerability management teams and end users. Experience with systems, networks, and/or applications related to vulnerability management systems and patch management is required. Strong understanding and experience working with Windows and Linux desktop and network operating systems and patching is essential. Ability to work with third-party penetration vendors conducting network/perimeter/application pen tests, including scoping, running, working with the vendor, and post-scanning remediation efforts and deliverables is also required.

Responsibilities
  • Conduct daily assessment of internal and external vulnerabilities identified by infrastructure scans.
  • Evaluate, rate, and perform risk assessments on customer assets based on scan results.
  • Prioritize vulnerabilities discovered along with remediation timeline(s) while working with different agencies and owners, as well as the vulnerability management team.
  • Send and receive notifications to responsible system owner, including customers, vendors, and internal teams of vulnerabilities within the environment.
  • Maintain knowledge of the threat landscape.
  • Provide reporting and analysis and follow up.
  • Provide vulnerability analysis and produce reports for management.
  • Participate collecting, assessing, and cataloging threat indicators.
  • Compile and track vulnerabilities over time for metrics purposes.
  • Develop and maintain strong relationships with Commonwealth customer departments and their security principals.
  • Provide oral and written feedback from customers' meetings and discussions back to the VMT.

Requirements
This position requires at least two years of full-time or equivalent part-time professional or practical experience in the field of information technology security. An Associate's degree in a related field may substitute for one year of the required experience. A Bachelor's degree or higher in a related field may substitute for the required experience. Proficient with System/Networking concepts including TCP/IP, DHCP, DNS, Subnetting, Packet tracing, Routing, VLANs, VPN, Active Directory, O365, SSL Certificates is required. Experience with cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments (Amazon Web Services (AWS) or Microsoft Azure), is desired. Knowledge of vulnerability scoring systems (CVSS/CMSS) is essential. Experience with network, systems, and application vulnerability scanning tools (Tenable IO, Cloud Security, Attack Surface Management, Palo Alto Xpanse) is required.