Job Description:

The Cyber Command Threat Management division within OTI requires a Senior Vulnerability Management Specialist to serve as a subject matter expert for vulnerability management:

• Research, analyze and brief management and team members on relevant Risk, CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
• Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
• Manage, configure, and conduct Vulnerability Management scans in Rapid7 across various networks
• Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
• Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
• Present succinct technical briefings to team members and customers for intel research, risk assessment, CVE’s, vendor hardware/software, industry trends
• Create scripts utilizing Python, PowerShell, and others to automate vulnerability management tasks
• The ability to automate detection, reporting and tracking of vulnerabilities identified
• Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel, and PowerPoint
• Travel within NYC for various projects when necessary

Requirements:

• At least 4 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability intel analysis, vulnerability management scan result analysis, Excel
• Strong knowledge of CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
• Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
• Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
• Experience conducting intel research around CVE’s, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
• Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
• Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables