Lead Vulnerability Analyst

Key Skills: SIEM, AWS Cloud, Qualys, Vulnerability, Bash Shell, Python

Roles and Responsibilities:

• Strategic Support & Service Leadership:
  Lead and facilitate strategic initiatives across Vulnerability Management, Penetration Testing, Security Awareness, Report Building, and Advanced Technical Research. Align tactical activities with broader organizational goals, ensuring seamless service delivery and continuous improvement.
• Client Engagement & Relationship Management:
  Serve as the primary client liaison, ensuring strategic alignment of services with business objectives for optimal security posture and client retention. Oversee resource allocation, ensuring teams have the necessary tools and knowledge for effective client engagement. Provide high-level technical support for complex security issues, developing sustainable solutions that enhance service efficiency and effectiveness. Maintain quality assurance standards, ensuring accuracy and excellence in all deliverables.
• Technical Expertise & Tier 3 Support:
  Act as Tier 3 escalation point, resolving advanced security issues in vulnerability management, patching, and penetration testing. Document troubleshooting actions to support training and knowledge-sharing across the team. Train team members on handling complex security scenarios, advanced tools, and methodologies.
• Process Development & Operational Excellence:
  Define and document service descriptions, workflows, and standard operating procedures (SOPs) for consistency and scalability. Develop metrics and key performance indicators (KPIs) to measure service efficiency and impact. Conduct advanced research and reporting, providing in-depth analysis to improve security services. Lead process training initiatives, ensuring team proficiency and service consistency.
• Core Security Services:
  Execute comprehensive vulnerability management, from detection to remediation, aligning with compliance frameworks (NIST CSF, ISO 27001, SOC 2, CMMC). Plan, coordinate, and conduct penetration testing engagements, identifying security weaknesses across network and application environments.
• Mentorship & Professional Development:
  Provide mentorship and coaching to team members, fostering a culture of continuous learning and professional growth. Drive cross-functional collaboration, working alongside Engineering, IT, Incident Response, and Security Operations to enhance overall security posture.

Skills Required:

• 5+ years of experience with IT security technologies, such as SIEM systems (Splunk), IDS/IPS, antivirus, firewalls; experience with vulnerability assessment software such as Rapid7, Tenable, or Qualys; and experience with AWS, Azure cloud services and CSPM solutions.
• Expertise in SIEM tools like Splunk
• Strong knowledge of Vulnerability Management tools (Qualys, Tenable, Rapid7)
• Experience with AWS Cloud security services
• Hands-on with Bash Shell scripting and Python
• Familiarity with compliance frameworks like NIST, ISO 27001, SOC 2
• Ability to lead, train, and mentor a security operations team
• Penetration testing and advanced technical troubleshooting

Education:  Bachelor's Degree in related field