IT Job Pro

Most Popular Tech Job site – Find Jobs || Post Jobs

Sr IT Security Vulnerability Management Analyst

Job Details

Experienced

Oklahoma City Office – Oklahoma City, OK

Full Time

Bachelor’s Degree

General Business
Description

The Senior IT Security Vulnerability Management Analyst will be responsible for applying Patch and Vulnerability management principles and best practices to proactively protect and maintain the confidentiality, integrity, and availability, of the companys data and assets. The analyst will be involved in and guide all the steps of the Patch and Vulnerability Management process. They will be responsible for documenting procedures, provide direction and recommendations for patching, configure and maintain scanning jobs and provide guidance on patching efforts with our process stakeholders

The IT Security Vulnerability Management Team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. Additionally, the analyst will be responsible for the Security Critical Controls of auditing and monitoring for secure configurations for hardware and software on various platforms. The analyst will play a key role in safeguarding the companys assets, intellectual property, and computer systems through audits.

RESPONSIBILITIES

Vulnerability Management & Compliance

  • Provides direction to Paycom’s current security program and continues to push it forward
  • Proactively manages and grows vulnerability scanning, identification, and risk ranking
  • Develops team talent and acts as the Subject Matter Expert for Vulnerability Management
  • Guides the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures)
  • Proactively manages and grows vulnerability scanning, identification, and risk ranking
  • Staying up to date and current on any vulnerabilities (including Zero-Day)
  • Tracks remediation and actions taken and escalation requests
  • Reporting of program key performance indicators and metrics
  • Policy & Asset control And Managing scan profile
  • Testing vulnerabilities/updates in the SCCM Test Lab
  • Auditing software versioning and EOL
  • Overseeing and managing the Patch Tuesday Process

Baseline Configuration

  • Provides for the guidance and growth of baseline (Hardening) configurations for all devices
  • Establish a baseline for operating systems, applications, frameworks, and webservers on workstations and servers
  • Establish a baseline for network devices, and containers
  • Understand configurations and be able to provide technical guidance or remediation

Auditing

  • Acts as liaison to IT Risk and auditors to provide and speak to audit evidence
  • Utilize a test environment to test changes, and verify security controls are in place
  • Auditing of critical controls: Data protection and malware defenses

Qualifications

Education/Certification:

  • Bachelors Degree in Computer Science, Business, or related certifications (PMP, GEVA, GCIH, or CISSP)

Experience Required:

  • 6+ years of vulnerability management and/or security administration

Knowledge/Skills/Abilities:

  • Expert-level knowledge of threats and vulnerabilities associated with cloud and on premise network security
  • Expert-level familiarity with Vulnerability Management tools.
  • Ability to oversee and/or perform the development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support
  • Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams
  • Provide expert-level technical support to system/technology owners to propose mitigation and remediation solutions
  • Provide expertise to routine compliance and audit functions to ensure regulatory scanning requirements are satisfied
  • Stay current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities
  • Ability to deliver reporting on and providing fixes to identified vulnerabilities
  • Strong analytical and problem solving skills
  • Highly responsive with an ability to handle escalations quickly and professionally
  • Strong verbal and written communication skills
  • Maintain effective working relationships with supervisor and coworkers

Paycom is an equal opportunity employer and prohibits discrimination and harassment of any kind. Paycom makes employment decisions on the basis of business needs, job requirements, individual qualifications and merit. Paycom wants to have the best available people in every job. Therefore, Paycom does not permit its employees to harass, discriminate or retaliate against other employees or applicants because of race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, military and veteran status, age, physical or mental disability, genetic characteristic, reproductive health decisions, family or parental status or any other consideration made unlawful by applicable laws. Equal employment opportunity will be extended to all persons in all aspects of the employer-employee relationship. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation benefits, and separation of employment. The Human Resources Department has overall responsibility for this policy and maintains reporting and monitoring procedures. Any questions or concerns should be referred to the Human Resources Department.

To apply for this job please visit itjobpro.com.