Job Overview:
We are seeking a skilled Vulnerability Management Analyst with a minimum of 3 years of experience in vulnerability assessment, server OS patch management, and remediation of End of Life/End of Service (EOL/EOS) software on servers and an overall 5 years of experience in IT. The ideal candidate will have a strong background in identifying, assessing, and mitigating security vulnerabilities, as well as experience in managing and applying server OS patches across a variety of environments. Key Responsibilities:
Vulnerability Management:
- Conduct regular vulnerability assessments across all IT assets using industry-standard tools.
- Analyze and prioritize vulnerabilities based on risk, impact, and exploitability.
- Collaborate with various teams to remediate identified vulnerabilities promptly.
Server OS Patching:
- Manage and oversee the patching process for Windows Server 2016/2019/2022 and Redhat Linux 7/8/9 operating systems, ensuring that all systems are up-to-date with the latest security patches.
- Develop and implement patch management strategies, ensuring minimal disruption to business operations.
- Track and report on patch compliance across the organization.
End of Life/End of Service (EOL/EOS) Software Remediation:
- Identify and track software that is approaching or has reached the end of service life.
- Coordinate with application owners and IT teams to plan and execute the upgrade or replacement of EOL/EOS software.
- Ensure that all EOL/EOS software is either decommissioned or upgraded to supported versions to maintain security compliance.
Security Monitoring & Incident Response:
- Monitor security alerts and incidents related to vulnerabilities and patch management.
- Assist in the investigation and response to security incidents that involve unpatched systems or EOL/EOS software.
- Provide recommendations for improving security posture and reducing vulnerability exposure.
Documentation & Reporting:
- Maintain accurate and detailed documentation of vulnerability assessments, patch management activities, and EOL /EOS software remediation efforts.
- Generate reports for management, highlighting the status of vulnerabilities, patching, and EOL/EOS software.
- Contribute to the development of security policies and procedures related to vulnerability management.
Qualifications:
Education:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are a plus.
Experience:
- Minimum of 3 years of experience in vulnerability management, server OS patching, and software lifecycle management.
- Experience with vulnerability management tools (e.g., Nessus, Qualys, Rapid7).
- Strong understanding of operating systems (Windows, Linux) and their respective patching processes.
- Familiarity with ITIL processes and change management.
Skills:
Strong analytical and problem-solving skills.
Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders.
Detail-oriented with a focus on accuracy and compliance.
Ability to work independently and as part of a team in a fast-paced environment.