Skip to content

Vulnerability Management Analyst

General information

Location:

USA - USA - Remote

Function:

Security

Ref #:

20210019738

Description & Requirements

Description

This position is responsible for all tasks related to vulnerability management in a complex environment and demands one to stay current with emerging technologies and vulnerabilities. Attributes we will look for in our candidates include excellent technical and analytical skills, communication and flexibility, innovative thinking and problem solving.

In addition, this position is responsible for analyzing security vulnerabilities and determining if there is an attack surface and impact. The ideal candidate understands the full cycle of a software vulnerability, from exploitation to mitigation.

Primary Duties and Responsibilities:
• Drive vulnerability management tasks inside the company, including processing reports, tracking items and their remediation, analyzing trends and reporting.
• Maintain awareness of vulnerability information, complexity to exploit, and exploit availability or feasibility to create an exploit.
• Map vulnerability assessment results to asset inventory.
• Recalculate severity for risks that decrease due to exploitability limitations and threats, prioritizing vulnerabilities based on residual risks.
• Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a level acceptable.
• Creation of vulnerability metric and remediation-related dashboards and reports.
• Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration.
• Liaise with stakeholders to understand, prioritize, and coordinate vulnerability remediation activities.
• Maintain awareness of publicly disclosed vulnerabilities (CVEs) and potential vulnerabilities (rumors, blogs, partial public analysis).
• Ability to fully understand business requirements and work with business partners to define appropriate solutions, meeting both security mandates and business needs.
• Engage cross-divisional teams and oversee the implementation of security recommendations by leveraging appropriate communication methods, tracking remediation of identified risks, mitigation strategies, plan activities and dependencies.
• Execute responsibilities with an understanding of the Global Security vision, strategic objectives, and priorities.

Qualifications

Required Qualifications:

• Previous experience with vulnerability management lifecycle.
• Advanced knowledge related to application and network vulnerability scanning tools and SAST (eg: Nessus, Qualys, Fortify, etc.)
• Experience in driving discussion and consensus involving cross functional teams (including remote and offshore) over security recommendations and planned actions.
• Excellent written and verbal communication skills.
• Has good organizational and interpersonal skills and broad experience in interacting successfully with both technical and non-technical people.
• Demonstrated ability to work well independently with little input, and as a part of a team.


Preferred Qualifications:
• Previous experience with systems administration and/or programming.
• Preferred certifications: OSCP, GMON, GXPN, GPEN, GWAPT or OSWE.


#LI-Remote

Corporate overview

Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careers

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 


View The EEO is the Law poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.


Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com or please call 1 (978) 250 9800.

Apply