The Threat and Vulnerability Management (TVM) Analyst performs assessments of systems and networks within the corporate environment and identifies where those systems or networks deviate from acceptable configurations, policy, or best practices. The TVM Analyst also measures effectiveness of defense-in-depth architecture against known vulnerabilities, as well as performing risk assessment and controls analysis on software and cloud services.
- Perform technical and nontechnical risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, supporting infrastructure, and applications).
- Work with third-party managed services provider to schedule and perform regularly scheduled vulnerability assessment scans utilizing common scanning technology.
- Support authorized penetration testing on enterprise network assets
- Research and analyze potential impact of new threats and exploits and communicate risks to relevant business units. Provide advice on vulnerabilities or potential vulnerabilities within architecture to enable the Information Security team to effectively evaluate and develop secure solutions, based on the threat landscape.
- Contributes to the development and maintenance of the information security strategy.
- Contribute to periodic cyber intelligence products that will be delivered to internal audience, helping to enhance situational awareness of management and leadership teams.
Experience / Skills:
- Bachelor’s degree, or equivalent education/work experience, in Information Technology, Accounting/Business or Auditing. Professional certification such as CISA, CISM, or CISSP, CEH, GCIH considered a plus.
- The successful candidate is an information security professional with a minimum of 2 years of experience administering or implementing information security technologies, with a strong understanding of network and application security tools and protocols.
- Skill in conducting vulnerability scans and recognizing vulnerabilities in applications and systems is favorable. Familiarity with assessing the robustness of security systems and designs is desired
- The successful candidate must be a pro-active and possess the ability to establish, maintain and influence effective working relationships with colleagues and internal customers. He/She is results oriented with a track record of self-directing and driving change. He/she must be able provide accurate analyses and appropriate security management action plans.
Tracking Code: 262805
Job Location: Southfield, Michigan, United States
Position Type: Full-Time/Regular