Vulnerability Analyst - Dallas, United States - GroupA

    GroupA
    GroupA Dallas, United States

    4 weeks ago

    Default job background
    Transportation / Logistics
    Description

    This is a 1-year contract with the opportunity to extend longer or convert to FTE based on performance/budget (Benefits are offered during the contract period)

    • Lead regular vulnerability assessments of OT systems, networks, and devices to identify risks to the business
    • Develop information security policies, standards, and procedures for the OT Vulnerability Management program
    • Coordinate with teams and business partners regarding OT Vulnerability Management best practices for on premise and cloud-based solutions
    • Manage and monitor newly announced vulnerabilities and CVEs specific to OT environments
    • Integrate threat intelligence into vulnerability management processes to proactively address security risks
    • Serve as the OT Vulnerability Management expert and trusted advisor
    • Address vulnerabilities quickly and efficiently while ensuring little to no impact to the business
    • Develop strategies for the deployment of security patches, updates, and configurations to mitigate identified vulnerabilities
    • Develop and maintain OT-specific incident response plans that define detection, analyzing, and respond to security incidents with OT-environments and their systems
    • Coordinate with other incident response teams
    • Work closely with internal teams and OT vendors to assess and address security risks on OT systems
    • Assist with Enterprise vulnerability management

    Requirement:

    • Bachelor's Degree
    • 3 or more years of experience with utilizing, and managing, an Enterprise vulnerability scanner such as Nessus, Nexpose, Qualys, etc.
    • 5+ or more years of experience in OT vulnerability management
    • Ability to create and influence a Vulnerability Management program at the enterprise level
    • Windows and Linux operating system
    • Experience with Vulnerability Management methodology
    • Deep understanding of OT environments mandatory
    • Ability to work with third-party vendors to ensure vulnerabilities are addressed in their applications and/or systems
    • Must understand all aspects of an OT environment to include networking, systems, and applications
    • Continually follow the threat landscape to stay on top of the latest OT-related vulnerabilities
    • Work effectively with technical and non-technical partners in a cross-functional setting
    • Work closely with the Security Operations team in performing Purple Teaming exercises
    • Must possess a pen testing certification such as OSCP, GPEN, CRTP, CWAPT, etc.

    Preferred Qualifications

    • Master's Degree
    • Active CISSP or other related certifications