107 Vulnerability Management jobs in Jersey City
CyberSecurity Threat Detection & Response Engineer, Associate Vice President
Job Viewed
Job Description
As a Threat Detection and Response Engineer you will occupy a crucial position in our Security Operations center, with your primary focus centered on conceiving, refining and implementing use cases and strategies that intricately align with the globa Security, Vice President, Cybersecurity, Engineer, Associate, Information Technology
Job No Longer Available
This position is no longer listed on WhatJobs. The employer may be reviewing applications, filled the role, or has removed the listing.
However, we have similar jobs available for you below.
Information Security Analyst- Vulnerability Management
Posted 2 days ago
Job Viewed
Job Description
How would you like to join one of the most highly regarded financial institutions in New Jersey with deep roots in the community? Provident is a successful and highly regarded multi-billion-dollar bank that continues to grow with branches in New Jersey, Eastern Pennsylvania and New York. Our longevity is a testament to our commitment to placing our employees, customers, and the communities we serve at the center of all we do. At Provident Bank, we are committed to enhancing our customer and employees' experience.
POSITION OVERVIEW:
This position reports to the Chief Information Security Officer. The Information Security department is responsible for identifying and securing the Bank's information assets and providing customers, em-ployees, and other stakeholders trust their sensitive information and privacy is protected.
The Information Security Engineer is a management role for a seasoned information security professional with a focus on designing, implementing, and maintaining the technical infrastructure responsible for protecting the Bank's information assets. This position also is responsible for managing the Bank's se-curity operations center, including being the first responder to security incidents.
KEY RESPONSIBILITIES:
- Develop and integrate cybersecurity designs for systems and networks in line with bank security standards for existing and new technical implementations.
- Manage the delivery of the Bank's outsourced security operations center (SOC). The SOC is responsible for managing the Bank's firewalls, IPS, IDS, SIEM, and identify network security incidents.
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
- Operate as the primary stakeholder for Information Security for all new projects related to Information Technology, and Lending business line. Provide direction, monitor significant activities ensuring the project is delivered successfully.
- Determine the protection needs (i.e. security controls) for Bank systems and 3rd party systems housing bank owned data.
- Define and prioritize essential system capabilities or business function required after significant cyber event.
- Provide advice on technical design concepts to senior risk and technology management (e.g. Chief Information Security Officer, Chief Risk Officer, Senior Technology Officer)
- Provide input to the Risk Management frameworks relating to technical and security implementation risks.
- 3-5 years if experience in a technical Information Security role interacting with business lines.
- Knowledge and skill of integration of hardware & software assets while maintain security controls.
- Knowledge and skill of implementing secure computer networking concepts and methodologies.
- Knowledge and skill of designing secure authentication and authorization processes.
- Knowledge of Personally Identifiable Information (PII) data security standards.
- Knowledge of confidentiality, integrity, and availability requirements.
- Knowledge of Critical Security Controls, NIST Cybersecurity Framework, and FFIEC Information Security standards.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of organization's enterprise information security architecture.
- Skill in translating operational requirements into protection needs (i.e., security controls).
- Skill in applying and incorporating information technologies into proposed solutions.
- Bachelor's degree or equivalent work experience.
- At least one of: Security+, SSCP, CEH, GIAC, CISSP, CISA, CISM, or comparable certification highly desired.
Work is performed in a normal office environment. Noise levels are usually moderate. This position involves travel to customers and property locations.
- Prolonged sitting
- Lifting from 5 to 10 lbs. (printer paper, storage boxes)
- Occasional bending or overhead lifting (storing files or boxes)
- The hazards are mainly those present in a normal office setting
This job description may not be all-inclusive. Employees are expected to perform other duties as assigned and directed by management. Job descriptions and duties may be modified when deemed appropriate by management.
Provident Bank recognizes and supports the importance of creating a socially and culturally diverse employee base. We understand, value, and appreciate the unique perspectives that a diverse workforce can contribute to our organization. We put the employee and the customer at the center of strategy because culture is a critical differentiator for why people choose to work here.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age 40 and over, color, disability, gender identity, genetic information, military or veteran status, national origin, race, religion, sex, sexual orientation or any other applicable status protected by state or local law.
Pay Details:
$73,600 - $06,100 annually
Please note, the base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, education, geographic location, internal equity, and other applicable business and organizational needs.
This role is incentive eligible based upon company, business, and/or individual goal achievement and performance.
Team members accrue paid time-off (PTO), receive Holiday (PTO) and are eligible to participate in the bank's Health and Wellness benefits including Medical, Dental and Vision Plans, Flexible and Health Savings Accounts, and a 401(k) Retirement Plan. In addition, the company provides Disability Insurance, an Employee Assistance Program, and Basic Life Insurance. Company sponsored Tuition Disbursement and Loan Repayment programs are also available. Voluntary benefits include Supplemental Life Insurance, Accident, Critical Illness, Hospital Indemnity and Legal plans.
About Provident Bank
For more than 180 years, Provident Bank has served individuals, families, and businesses in our local communities with personal and business banking services.
Volunteering is a Way of Life
Our brand promise - "Commitment you can count on" - supports the investments we make in the community and donations made by our employees. It's a promise also reflected in the volunteerism of our employees, who lend time and talent and countless hours to assist hundreds of organizations and thousands of people and animals each year.
Why do we love it?
- We get to volunteer in areas that are meaningful to the bank and impactful in the community.
- Through generous contributions, we have raised over 912,000 in 2022. No item or donation is too small; we find a home for it all.
Vulnerability Management Specialist
Posted today
Job Viewed
Job Description
Tasks
- Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
- Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
- Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
- Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
- Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
- Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
- Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
- The ability to automate detection, reporting and tracking of vulnerabilities identified
- Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
- Travel within NYC for various projects when necessary
Note: Candidates who do not have the mandatory skills will not be considered
- At least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management scan result analysis, Excel
- Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
- Provide oral and written reports on vulnerability risk to the team and possibly agencies' technical stakeholders
- Ability to evaluate the current threat landscape that includes tactics, techniques and procedures
- Work with agencies to evangelize the Cyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
- Experience using Tableau for reporting and analysis purposes
- Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
- Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
- Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
- Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures.
- Extensive experience with Windows and Linux Servers
- Exceptional written and oral communication skills
- Exceptional organizational and analytical skills
- Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
Vulnerability Management Specialist
Posted 2 days ago
Job Viewed
Job Description
Job Description
OPEN TO OTI EMPLOYEES ONLY
The Office of Technology and Innovation (OTI) leverages technology to drive opportunity, improve public safety, and help government run better across New York City. From delivering affordable broadband to protecting against cybersecurity threats and building digital government services, OTI is at the forefront of how the City delivers for New Yorkers in the 21st century. Watch our welcome video to see our work in action, follow us on social media @NYCOfficeofTech, and visit oti.nyc.gov to learn more.
At OTI, we offer great benefits, and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology.
About New York City Cyber Command
The New York City Office of Technology and Innovation (OTI) Cyber Command is committed to protecting City systems and technology infrastructure that provide and enable vital services to New Yorkers from cyber threats, and helping residents become safer in their digital lives.
As the organization defending the largest municipality in the country, OTI Cyber Command is charged with directing citywide incident response, setting citywide cybersecurity policies and standards and working with city agencies to strengthen their cyber defenses.
Mission Statement
"To lead and execute an innovative, intelligence-driven, risk-informed cyber defense and response strategy -- with the support of key partners and allies -- that enables the city government to properly function and provide services to New Yorkers.
Vision Statement
"New York City the most cyber-resilient city in the world"
Job Description
Cyber Command's Vulnerability Management (VM) program defines, promotes, assures, and measures the security of connected infrastructure so vital to the City of New York that their incapacitation or destruction would have a debilitating effect on security, economic security, or public health or safety. The Vulnerability Management Specialist will work with NYC agencies that provide public safety and emergency response services to New Yorkers, private sector technology services providers, and teams within OTI to ensure the security and resiliency of systems that support these critical services. The Vulnerability Management Specialist will perform assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. The Vulnerability Management Specialist will measure effectiveness of defense-in-depth architecture against known vulnerabilities.
Responsibilities will include:
-Assist in the analysis and remediation of findings discovered during scheduled internal and third-party vulnerability scans and penetration tests;
-Review and triage vulnerability alerts into manageable reports for the Vulnerability Management team to review and action;
-Provide relevant analysis, suggest mitigations, track remediation, manage scheduled scans, identify gaps and expand scan coverage, and escalate as appropriate;
-Conduct cybersecurity risk assessments;
-Conduct vulnerability research for the purpose of threat exposure management and attack surface reduction;
-Develop security documentation and SOP's;
-Perform on-site activities, including implementing cybersecurity solutions or performing security assessment activities, including technical configuration reviews;
-Develop scripts for automation
-Handle special projects and initiatives as assigned.
HOURS/SHIFT
Day - Due to the necessary technical support duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings
WORK LOCATION
Brooklyn, NY
TO APPLY- OPEN TO OTI EMPLOYEES ONLY
Only permanent employees in the title and those that are reachable on the civil service list are eligible to apply.
* Interested applicants with other civil service titles who meet the preferred requirements should also submit a resume for consideration
Please go to and search for Job ID#716029
SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEW
APPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVAL
NOTE: This position is open to qualified persons with a disability who are eligible for the 55-a Program.
Please indicate in your cover letter that you would like to be considered for the position under the 55-a program.
OTI participates in E-Verify
CYBER SECURITY ANALYST - 13633
Qualifications
1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or
2. A four-year high school diploma or its equivalent approved by a State's department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in "1" above; or
3. Education and/or experience equivalent to "1" or "2", above. College education may be substituted for up to two years of the required experience in "2" above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.
Additional Information
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
Vulnerability Management Specialist
Posted today
Job Viewed
Job Description
Tasks
- Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
- Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
- Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
- Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
- Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
- Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
- Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
- The ability to automate detection, reporting and tracking of vulnerabilities identified
- Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
- Travel within NYC for various projects when necessary
Note: Candidates who do not have the mandatory skills will not be considered
- t least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management scan result analysis, Excel
- Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
- Provide oral and written reports on vulnerability risk to the team and possibly agencies' technical stakeholders
- bility to evaluate the current threat landscape that includes tactics, techniques and procedures
- Work with agencies to evangelize the Cyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
- Experience using Tableau for reporting and analysis purposes
- Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
- Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
- Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
- bility to analyze Cybersecurity documentation, including security policies, plans, and procedures.
- Extensive experience with Windows and Linux Servers
- Exceptional written and oral communication skills
- Exceptional organizational and analytical skills
- Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
Cybersecurity Vulnerability Management Specialist
Posted 2 days ago
Job Viewed
Job Description
UNIVERSAL Technologies is seeking a Cybersecurity Vulnerability Management Specialist for a long-term engagement supporting cyber threat management initiatives. This is a Hybrid role – must be able to work on-site 3 days a week in Brooklyn, NY. The selected candidate will serve as a subject matter expert in vulnerability management, specifically using Rapid7, and will be responsible for identifying, analyzing, and mitigating vulnerabilities across enterprise environments. This is a technical, hands-on role requiring at least 8 years of Cybersecurity experience, scripting abilities, and experience automating vulnerability tasks.
WHO WE ARE:
UNIVERSAL Technologies, LLC is a Women-Owned (M/WBE) IT solutions and consulting company focused on delivering enterprise systems that significantly improve our clients' IT performance. We work across the IT spectrum including Development, Business/Systems/Data Analysis, Project Management, Cyber Security, Network Engineering, and High-Level System Architecture.
We empower skilled professionals to make a meaningful impact through mission-driven projects that shape how public services are delivered.
WHAT WE OFFER:
Our W2 employees can expect the following benefits:
-
Competitive pay
-
Health/Dental Insurance
-
Group Life Insurance
-
401K
-
HSA/FSA
-
Pre-Tax Transportation Program
-
Generous Paid Time Off/Holiday Policy
MANDATORY SKILLS/EXPERIENCE:
Candidates who do not meet the following requirements will not be considered.
-
Minimum 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, and vulnerability intel analysis
-
Expertise in CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors, and mitigation strategies
-
Strong hands-on experience designing, architecting, and building Rapid7 vulnerability management scanning infrastructure and tools
-
Proven experience conducting and configuring Rapid7 vulnerability scans across various networks
-
Experience analyzing Rapid7 scan results using dashboards and reports to prioritize risk
-
Skilled in evaluating vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
-
Experience performing technical briefings on CVE research, vendor vulnerabilities, and threat assessments
-
Proficiency in scripting using Python and PowerShell to automate vulnerability management tasks
-
Strong Excel skills, including VLOOKUP and Pivot Tables for data analysis
-
Ability to deliver written and oral reports on vulnerability risks to internal teams and agency stakeholders
-
Familiarity with evaluating current threat landscapes including tactics, techniques, and procedures
-
Experience advising agencies on cybersecurity posture, risk reduction, and scan performance issues
-
Experience using Tableau for reporting and analysis
-
Background in networking and cybersecurity technologies such as firewalls, IDS/IPS, DMZ, VPN, DNS, and proxies
-
Working knowledge of security best practices across Microsoft Windows, Linux, VMware, Cisco IOS, Android/iOS
-
Understanding of public-key cryptography, encryption, encoding, and hashing methods
-
Familiarity with security frameworks and best practices (e.g., NIST, CIS, Palo Alto, Fortinet, Microsoft, Unix/Linux)
-
Ability to interpret cybersecurity documentation including security policies and procedures
-
Hands-on experience with Windows and Linux server environments
-
Strong written and verbal communication skills
-
Highly organized with exceptional analytical capabilities
-
Relevant certifications such as CISSP, GSEC, GCIA, GCIH, CEH, CWAPT
SCOPE OF SERVICES:
-
Serve as subject matter expert for vulnerability management across enterprise systems
-
Research, analyze, and brief stakeholders on CVEs, attack vectors, and industry mitigations
-
Design, build, and manage Rapid7 scanning infrastructure and tools
-
Configure and conduct vulnerability scans across multiple networks
-
Analyze scan results and generate dashboards to assess and prioritize risk
-
Develop remediation strategies and oversee implementation
-
Present technical briefings on risk, vendor vulnerabilities, and threat trends
-
Create scripts (Python, PowerShell) to automate vulnerability detection, tracking, and reporting
-
Develop comprehensive reports using Rapid7, Excel, PowerPoint, and custom scripting
-
Travel within NYC as needed to support various cybersecurity initiatives
UNIVERSAL Technologies is an Equal Opportunity Employer.
Cyber Command Vulnerability Management Specialist
Posted 2 days ago
Job Viewed
Job Description
Job Title: Cyber Command Vulnerability Management Specialist
Location: Brooklyn, NY 11201 (Hybrid)
Labor Category: Specialist 2
Job Type: Contract
Duration: 2 Years
Work schedule: Hybrid: 3 days per week in office (Normal business hours Monday-Friday 35 hours/week)
Pay Rate: $70 per hour
Job Description / Justification:
The resource will contribute to OTI Cyber Command’s ability to issue timely vulnerability notifications and prioritized system patching info. Without timely vulnerability notification and patching, the City cannot effectively adjust its defensive controls and reduce its attack surface resulting in the increased likelihood of cyber events that may require costly remediation efforts.
The threat to the City’s attack surface has only continued to grow due to a 40% increase of vulnerabilities in the technology used across the City agencies. These vulnerabilities are leveraged by attackers to commit malicious events such as information theft and ransomware
SCOPE OF SERVICES
The Cyber Command Threat Management division within OTI requires a Vulnerability Management Specialist to serve as a subject matter expert for vulnerability management:
Tasks
? Research, analyze and brief management and team members on relevant Risk, CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
? Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
? Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
? Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
? Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
? Present succinct technical briefings to team members and customers for intel research, risk assessment, CVE’s, vendor hardware/software, industry trends
? Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
? The ability to automate detection, reporting and tracking of vulnerabilities identified
? Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
? Travel within NYC for various projects when necessary
MANDATORY SKILLS/EXPERIENCE
Note: Candidates who do not have the mandatory skills will not be considered
- At least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability intel analysis, vulnerability management scan result analysis, Excel
- Strong knowledge of CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting intel research around CVE’s, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
DESIRABLE SKILLS/EXPERIENCE:
- Provide oral and written reports on vulnerability risk to the team and possibly agencies’ technical stakeholders
- Ability to evaluate the current threat landscape that includes tactics, techniques and procedures
- Work with agencies to evangelize the OTI Cyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
- Experience using Tableau for reporting and analysis purposes
- Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
- Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
- Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
- Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures.
- Extensive experience with Windows and Linux Servers
- Exceptional written and oral communication skills
- Exceptional organizational and analytical skills
- Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
Cyber Command Vulnerability Management Specialist
Posted 2 days ago
Job Viewed
Job Description
Cyber Command Vulnerability Management Specialist
Location: Brooklyn, NY/Hybrid
Duration: 2 Years
SCOPE OF SERVICES
The Cyber Command Threat Management division within Client requires a Vulnerability Management Specialist to serve as a subject matter expert for vulnerability management:
Tasks
Research, analyze and brief management and team members on relevant Risk, CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
Present succinct technical briefings to team members and customers for intel research, risk assessment, CVE’s, vendor hardware/software, industry trends
Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
The ability to automate detection, reporting and tracking of vulnerabilities identified
Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
Travel within NYC for various projects when necessary
MANDATORY SKILLS/EXPERIENCE
Note: Candidates who do not have the mandatory skills will not be considered
At least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability intel analysis,vulnerability management scan result analysis, Excel
Strong knowledge of CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
Experience conducting intel research around CVE’s, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
DESIRABLE SKILLS/EXPERIENCE:
Provide oral and written reports on vulnerability risk to the team and possibly agencies’ technical stakeholders
Ability to evaluate the current threat landscape that includes tactics, techniques and procedures
Work with agencies to evangelize the ClientCyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
Experience using Tableau for reporting and analysis purposes
Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures.
Extensive experience with Windows and Linux Servers
Exceptional written and oral communication skills
Exceptional organizational and analytical skills
Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
Be The First To Know
About the latest Vulnerability management Jobs in Jersey city !
Cyber Command Vulnerability Management Specialist
Posted 2 days ago
Job Viewed
Job Description
10+ Years
Title: Cyber Command Vulnerability Management Specialist
Client: New York City Office of Technology and Innovation
Location: Brooklyn, NY (Hybrid) 3 days per week in office
Duration: 24 Months
Working Hours: 35 Hours per Week
Rate: $60/hr on C2C
Description:
- Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
- Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
- Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
- Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
- Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
- Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
- Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
- The ability to automate detection, reporting and tracking of vulnerabilities identified
- Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
- Travel within NYC for various projects when necessary
- At least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management scan result analysis, Excel
- Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre , attack vectors and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
Cyber Command Vulnerability Management Specialist
Posted 2 days ago
Job Viewed
Job Description
Location: Brooklyn, NY 11201
Duration: 2 years
Job Description:
The resource will contribute to Cyber Command's ability to issue timely vulnerability notifications and prioritized system patching info.
Without timely vulnerability notification and patching, the City cannot effectively adjust its defensive controls and reduce it's attack surface resulting in the increased likelihood of cyber events that may require costly remediation efforts.
The threat to the attack surface has only continued to grow due to a 40% increase of vulnerabilities in the technology used across the agencies.
These vulnerabilities are leveraged by attackers to commit malicious events such as information theft and ransomware.
Scope of Services:
The client requires a Vulnerability Management Specialist to serve as a subject matter expert for vulnerability management
- Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
- Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
- Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
- Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
- Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
- Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
- Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
- The ability to automate detection, reporting and tracking of vulnerabilities identified
- Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
- Travel within NYC for various projects when necessary
Note: Candidates who do not have the mandatory skills will not be considered
- t least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management scan result analysis, Excel
- Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
- Provide oral and written reports on vulnerability risk to the team and possibly agencies' technical stakeholders
- bility to evaluate the current threat landscape that includes tactics, techniques and procedures
- Work with agencies to evangelize the OTI Cyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
- Experience using Tableau for reporting and analysis purposes
- Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
- Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
- Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
- bility to analyze Cybersecurity documentation, including security policies, plans, and procedures.
- Extensive experience with Windows and Linux Servers
- Exceptional written and oral communication skills
- Exceptional organizational and analytical skills
- Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
Cyber Command Vulnerability Management Specialist
Posted 2 days ago
Job Viewed
Job Description
Location: Brooklyn, NY (Hybrid)
Duration: 24+ Month
Type: Contract
Note: Hybrid: 3 days per week in office at 11 MetroTech Center, 5 th Floor, Brooklyn, NY 11201 / 2 days per week remote
Job Description:
- Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector
- Strings, NVD, Mitre, attack vectors and mitigations for various technologies
- Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
- Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
- Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
- Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
- Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
- Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
- The ability to automate detection, reporting and tracking of vulnerabilities identified
- Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
- Travel within NYC for various projects when necessary
- t least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management scan result analysis, Excel
- Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
- Provide oral and written reports on vulnerability risk to the team and possibly agencies' technical stakeholders
- bility to evaluate the current threat landscape that includes tactics, techniques and procedures
- Work with agencies to evangelize the OTI Cyber Command program around areas of Cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
- Experience using Tableau for reporting and analysis purposes
- Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec,
- DNS, SMTP, HTTP, VPN, proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare,
- Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
- Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
- Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5,
- Microsoft, Unix/Linux, etc.
- bility to analyze Cybersecurity documentation, including security policies, plans, and procedures.
- Extensive experience with Windows and Linux Servers
- Exceptional written and oral communication skills
- Exceptional organizational and analytical skills
- Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security
- Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH),
- Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)