NEW EXCITING ROLE: Threat and Vulnerability Analyst at Remote, Remote, USA
From: Rachna, TheStaffed
Position: Threat and Vulnerability Analyst
Type: 6-12 months contract
Location: Deerfield, IL (onsite 4 days/week)
Client: Horizon Therapeutics

Top 4 skills:
- Tenable - Preferred but will be open to other vulnerability tools
- Azure, Active Directory, 365 and SCCM

Threat and Vulnerability Analyst for a 1-year contract position. The resource will need to be onsite 4 days a week in their Deerfield, IL location.

Job Summary:
The ideal candidate will have a strong understanding of information security principles, vulnerability management processes, and threat detection techniques. The Analyst will play a crucial role in assessing and mitigating risks, ensuring the security of our systems, and continuously improving our security posture. The candidate should possess excellent analytical skills, effective communication abilities, and a proactive approach to problem-solving.

Qualifications:
- Basic understanding of the components that comprise a successful information security program.
- Strong understanding of different vulnerability types and common weakness enumeration.
- Familiarity with web application and/or OS-level vulnerability categories, documentation, and scoring (OWASP, CVE, CVSS).
- Strong communication skills with the ability to convey information to both technical and non-technical audiences.
- Previous experience with vulnerability management tools in an enterprise-level Threat and Vulnerability Management program.
- Ability to assess risk and determine the applicability of new vulnerability notifications.
- Familiarity with security risk management approaches or frameworks (e.g., NIST 800-53).
- Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Knowledge of cybersecurity principles and organizational requirements related to confidentiality, integrity, availability, authentication, and non-repudiation.
- Basic understanding of network protocols, network devices, computer security devices, secure architecture, and system administration.
- Proficiency in collecting, analyzing, and escalating security events, responding to incidents, and disseminating cyber threat intelligence.
- Ability to document and explain technical details clearly and concisely.
- Knowledge of network access, identity, and access management, including public key infrastructure (PKI).
- Knowledge of operational technology (OT) specific network protocols.
- Knowledge of penetration testing principles, tools, and techniques.
- Proven analytical, problem-solving, and consulting skills.

Threat Management Responsibilities:
- Support the detection and analysis of threats relevant to Horizon, prioritizing remediation efforts.
- Identify security gaps and continuously improve the organization's security posture.
- Review available intelligence feeds, generate indicators of compromise (IOCs), and actionable intelligence.
- Conduct research using open-source, subscription, and security-related services to monitor and assess current and emerging threats.
- Drive automation and improvement initiatives to minimize the time between threat discovery and implementation of remediations/mitigations.
- Respond to alerts from Horizon's managed detection and response provider.
- Provide second- and third-level support and analysis during and after security incidents, assisting security administrators and IT staff in resolving reported incidents.

Vulnerability Management Responsibilities:
- Manage the vulnerability management system to detect vulnerabilities and collaborate with peers to remediate them.
- Conduct discovery, analysis, tracking, and remediation of vulnerabilities.
- Support detection activities such as scanning, open-source information collection, and penetration test coordination.
- Participate in vulnerability assessments for networks, applications, and operating systems.
- Review and assess security vulnerabilities published by relevant vendors, establishing priorities according to Horizon's IT Vulnerability Management Standard.
- Coordinate between the IT SecOps team and IT Infrastructure teams, providing understandable, quantitative, and descriptive reports on security vulnerabilities.
- Assist in establishing and operationalizing key performance indicators (KPIs), reporting, and metrics to track the maturity of the Threat and Vulnerability Management program.
- Support and monitor the progress of security remediation efforts across various responsible teams globally.

Additional notes:
- Candidate's role will be to identify and remediate vulnerabilities - some may be a quick easy fix and others will need more investigation and research to find the source.
- Candidate needs to have excellent communication skills - will be communicating to all levels of the organization.
- Proactive in managing the level of threats and communicating with the team.
- Must be technically savvy and able to manage across both the network and security groups.
- The corporate environment at Horizon is awesome - there is a cafeteria and coffee bar that all employees have access to - it is free to all employees and may stay that way or will be greatly discounted.
- We place both the manager, Max McGrath, and the CISO, Saira Harcus.
- We are the only agency working on the position.

Overview/Business Case:
IT Security is asking that a Threat and Vulnerability Analyst role be added to the team. As Horizon grows aggressively at the global level, the number of threats will significantly increase. The IT Security function has implemented tools that will help Horizon identify and block these threats, but even with these tools in place, there will always be a layer of manual work required. In our current state, the team does not have the capacity to consistently manage and monitor these threats to adequately protect Horizon.

Recent reviews of Horizon's current vulnerabilities have raised a significant concern. Vulnerabilities are dealt with on an ad-hoc basis and not in the continuous, ongoing manner that is required to meet the SLAs outlined in our vulnerability management policy. The numbers below are a small snapshot of what is seen within the Horizon landscape. Currently, IT Security does not have a resource that can dedicate time each day to appropriately monitor, track, mitigate and remediate these risks. As we all know, it only takes one threat or vulnerability to significantly impact Horizon's business goals and objectives.

- We currently have over 20,000 vulnerabilities in Tenable; over 5,000 are rated as Critical or High.
- Firewalls are seeing a myriad of IOCs (Indicators of Compromise). An indicator of compromise suggests that an endpoint or network may have been breached. Each IOC requires time to review, assess and mitigate.
  - Impact 2 attack (The host was attacked and is potentially vulnerable) - 55
  - Impact 1 attack (The host was attacked and is potentially vulnerable) - 39
  - CnC Connected (The host may be under remote control) - 33
  - Malware Detected (The host may have malicious software running on it) - 21
  - Exploit Kit (The host was a potential victim of an exploit kit (browser-based malware attack)) - 1
- Our monthly Active Directory security audit consistently has a Domain Risk Level: 100/100 (see attached).
- Our external SecurityScorecard has been on the decline (once at a 90, now at a 76) (see attached).
- 20+ vulnerabilities on latest external vulnerability scan from Arctic Wolf.

Rachna
Manager - Talent Acquisition
Tue Aug 08 00:51:00 UTC 2023