Senior Security and Vulnerability Analyst

I have a full time opportunity for a Senior Security and Vulnerability Analyst for one of our top tier financial firms in NYC. This is a four days onsite role in New York, NY or Princeton NJ office.

In this role you will work with a team of wicked smart cybersecurity engineers to secure and enhance the vulnerability remediation program on an enterprise level for the organization.

This opportunity comes with a very generous base salary plus bonus.

Responsibilities:

• Perform IT Security assessments and partner with other security or IT professionals to assess potential impact from vulnerabilities and determine appropriate mitigating controls
• Build strong partnerships with technical teams to promote best practices for managing vulnerabilities across traditional infrastructure and in cloud environments
• Understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs
• Help standardize workflows, processes, procedures and reporting
• Produce metrics and key performance indicators that demonstrate the effectiveness of the team's remediation efforts across the enterprise
• Improve the design and usefulness of our IT Security management tools and solutions.
• Have excellent interpersonal and effective communications skills

Qualifications:

• 7+ years IT Security experience including IT Operations & Systems Management
• Operation vulnerability scan tools (ie: Rapid7, Qualys, Nessus, Nmap)
• Hands-on expertise working with enterprise network architectures, Linux and Windows OS, system administration or as a software developer
• Knowledge of IT security and system hardening best practices; including but not limited to operating systems (Windows, Unix, Linux), web applications, network devices and SDLC processes
• Vulnerability Management of Regulated Systems
• Experience analyzing vulnerability findings from IT and Security management tools
• Understanding of industry standards such as NIST, CVE, CPE and CVSS
• Ability to interpret complex data sets to make informed risk-based decisions
• Can effectively manage complex tasks, projects, and initiatives

Plus:
- A Certified Cloud Security Professional (CCSP), is a plus
- Experience building Cloud Resources and hardening them to CIS standards
- SCRUM Master Certification / PMP Certified
- Solid understanding of Risk management frameworks and security tools
- Ability to learn and implement technologies quickly
- Bachelor's degree in Computer Science, Engineering, or other related fields

Lori Sklarski

Senior Technical Recruiter, PRI Technology

Direct:(973)-

Office: x27

Cell: