The Vulnerability Management and Incident Response Analyst is responsible for identifying, evaluating, and mitigating security vulnerabilities within the organization’s IT infrastructure, systems, and applications. The role also involves responding to and managing security incidents, investigating breaches, and coordinating with stakeholders on remediation and recovery. The analyst will work closely with the security operations team and other IT departments to ensure a proactive approach to security threats and effective incident response protocols.
Key Responsibilities:
Vulnerability Management:
Vulnerability Assessment: Regularly perform vulnerability scans and assessments across systems, applications, and networks to identify security weaknesses or misconfigurations.
Risk Assessment & Prioritization: Analyze vulnerabilities based on their risk level (severity, exploitability, and impact) and prioritize remediation efforts in line with business objectives and compliance requirements.
Patch Management: Collaborate with system administrators and IT teams to ensure timely patching and mitigation of discovered vulnerabilities.
Vulnerability Remediation: Work with engineering, development, and IT teams to recommend fixes or mitigations for identified vulnerabilities, tracking resolution progress.
Reporting & Documentation: Maintain comprehensive records of vulnerabilities identified, risk assessments, and the mitigation process. Prepare vulnerability management reports for senior leadership.
Security Best Practices: Stay updated with the latest security trends, tools, and techniques to ensure the vulnerability management program is proactive and effective.
Incident Response:
Incident Detection & Identification: Monitor security events, alerts, and incidents, working with the security operations center (SOC) and other teams to identify suspicious activities and potential security breaches.
Incident Investigation: Lead the investigation of security incidents, collecting and analyzing logs, network traffic, and other relevant data to determine the scope and impact of the breach.
Incident Containment & Mitigation: Work with the incident response team to contain and mitigate security incidents, ensuring minimal disruption to business operations.
Root Cause Analysis: Conduct a thorough analysis of incidents to identify root causes and contributing factors, ensuring lessons are learned for future prevention.
Incident Communication: Provide clear and timely communication to internal stakeholders during an incident, ensuring appropriate escalation and reporting to senior management.
Post-Incident Reporting & Remediation: Document incidents, the response process, and lessons learned. Develop recommendations for improving security posture and preventing similar incidents in the future.
Collaboration & Continuous Improvement:
Cross-Functional Collaboration: Work with IT, development, and legal teams to align incident response strategies and ensure timely remediation of vulnerabilities and incidents.
Security Awareness & Training: Support the development of security awareness programs and training for employees to reduce the risk of social engineering attacks and other common vulnerabilities.
Security Tools & Technologies: Assist in the selection, configuration, and use of vulnerability management and incident response tools and technologies.
Required Skills & Qualifications:
Strong understanding of vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7) and patch management processes.
Experience with incident response tools (e.g., Splunk, Palo Alto, CrowdStrike) and familiarity with the MITRE ATT&CK framework.
Knowledge of network security principles, protocols (e.g., TCP/IP, DNS, HTTP/S), and security monitoring tools (SIEM, IDS/IPS, firewalls).
Experience with log analysis and forensics (e.g., parsing logs, packet analysis, malware analysis).
Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS, SOC 2).
Hands-on experience in identifying and mitigating vulnerabilities across operating systems (Windows, Linux, macOS) and cloud environments (AWS, Azure, GCP).
Strong communication skills, with the ability to write detailed reports and present technical information to non-technical stakeholders.