Vulnerability Management Specialist
1 month ago
Job Title : Vulnerability Management Specialist- Onsite
Location: 2 Metro Tech Center, Brooklyn NY
Job Type : Onsite
Duration : 12+ months
Opening : 1 Opening
The resource function is essential to OTI Cyber Command's ability to defend City systems from cyber threat including direct support of public safety, revenue generating, and other systems supporting City operations. The threat landscape continues to significantly expand the City's attack surface and the resource is key to managing various agency-facing projects within the City's vulnerability management program that enhances the City's cybersecurity posture. The resource will contribute to OTI Cyber Command's ability to issue timely vulnerability notifications and prioritized system patching info. Without timely vulnerability notification, the City cannot effectively adjust its defensive controls resulting in increased likelihood of cyber events that may require costly remediation efforts.
RESPONSIBILITIES
- Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
- Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
- Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
- Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
- Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
- Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
- Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
- The ability to automate detection, reporting and tracking of vulnerabilities identified
- Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
- Travel within NYC for various projects when necessary
Note: Candidates who do not have the mandatory skills will not be considered
- At least 4 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management scan result analysis, Excel
- Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
DESIRABLE SKILLS
- Experience with Cybersecurity standards and best practices and how to integrate them
- Provide oral and written reports on vulnerability risk to the team and possibly agencies' technical stakeholders
- Ability to evaluate the current threat landscape that includes tactics, techniques and procedures
- Work with agencies to evangelize the OTI Cyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
- Experience using Tableau for reporting and analysis purposes
- Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
- Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
- Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
- Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures.
- Extensive experience with Windows and Linux Servers
- Exceptional written and oral communication skills
- Exceptional organizational and analytical skills
- Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
-
IT Security Specialist
2 weeks ago
New York, United States City of New York Full timeCompany DescriptionJob Description JOB DESCRIPTION: The mission of the New York City Police Department is to enhance the quality of life in New York City by working in partnership with the community to enforce the law, preserve peace, protect the people, reduce fear, and maintain order. The NYPD strives to foster a safe and fair city by incorporating...
-
IT Security Specialist
2 days ago
New York, United States City of New York Full timeCompany DescriptionJob Description JOB DESCRIPTION: The mission of the New York City Police Department is to enhance the quality of life in New York City by working in partnership with the community to enforce the law, preserve peace, protect the people, reduce fear, and maintain order. The NYPD strives to foster a safe and fair city by incorporating...
-
Vulnerability Analyst
1 month ago
New York, United States Crystal Equation Full timeLocation – NYC – Hybrid Role – 3 days OnsiteDescriptionClient is seeking an experienced Vulnerability Analyst to join the Enterprise Infrastructure & Security organization. This position will be responsible for supporting the program lead with vulnerability related activities. This includes investigating, assessing and monitoring potential...
-
DevSecOps - Vulnerability
4 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
1 month ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
4 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
1 month ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
New York, United States GESG Solutions USA Full timeWe are seeking a highly motivated and experienced Vulnerability Management Subject Matter Expert (SME) to join our growing security team. In this role, you will be responsible for leading our vulnerability management program, identifying, prioritizing, and remediating security vulnerabilities across our IT infrastructure.Responsibilities:Design, implement,...
-
DevSecOps - Vulnerability
3 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
2 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
1 week ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
2 days ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
Senior Vulnerability Analyst
3 weeks ago
New York, United States Tier4 Group Full timeThe Senior Security Engineer is responsible for securing enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure...
-
DevSecOps - Vulnerability
2 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
2 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
2 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
2 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
2 weeks ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
1 day ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
-
DevSecOps - Vulnerability
2 days ago
New York, United States QUANTEAM - North America (RAINBOW PARTNERS Group) Full timeQuanteam is an independent Financial Markets consulting company based in France, the UK, the USA, Canada, and Morocco. Our team of 1.000 employees supports Corporate and Investment Banks, Asset Management Companies, Insurance, and Corporate for their projects in financial engineering, quantitative research, regulatory implementation, SI transformation, and...
