About Us
CyberIreland is an impact-driven organization that touches virtually every aspect of cybersecurity. We are known for delivering insights, products, and services that make quality security more accessible and affordable.
We focus on the health, happiness, and well-being of you and those we serve – we care. What you do at CyberIreland matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas.
Job Description
CyberIreland is looking for a Senior Information Security Analyst, Threat & Vulnerability Management to support our information security capabilities and compliance across Business units and Enterprise IT organizations within CyberIreland.
Duties and Responsibilities
* Vulnerability Monitoring:
o Continuously monitor relevant sources (CVE databases, security bulletins, etc.) for newly identified vulnerabilities.
o Assess the impact and severity of vulnerabilities based on the organization's assets and risk appetite.
* Risk Evaluation:
o Evaluate the risks posed by identified vulnerabilities to the organization's information and systems.
o Collaborate with cross-functional teams to prioritize vulnerabilities based on business impact.
* Advisory Role:
o Provide actionable recommendations to management regarding vulnerability remediation.
o Advise on appropriate measures to eliminate or reduce the organization's risk exposure.
* Trend Analysis:
o Analyze vulnerability data to identify trends, patterns, and emerging threats.
o Stay informed about industry best practices and evolving attack vectors.
* Stakeholder Communication:
o Regularly communicate vulnerability status, progress, and risk mitigation efforts to relevant stakeholders.
o Foster collaboration with IT teams, system owners, and security architects.
Key Results
* Patch Compliance Rate: Achieve and maintain a high patch compliance rate across all systems and applications.
* Vulnerability Reduction: Continuously reduce the number of critical and high-risk vulnerabilities within the organization.
* Response Time: Minimize the time taken to remediate vulnerabilities after discovery.
* Risk Score Improvement: Work towards lowering the overall risk score associated with vulnerabilities.
* Stakeholder Satisfaction: Gather feedback from stakeholders on vulnerability management effectiveness and adjust strategies accordingly.
Requirements
To be considered for this role, applicants should have:
* A degree in IT Security, Information Systems, Computer Science, Engineering, or a related field.
* At least 5 years of experience in systems and/or applications security, including maintenance and use of security products in a distributed enterprise environment.
* Knowledge of investigative methodologies and decomposing behavioral profiles to develop investigative plans.
* Ability to manage the security vulnerabilities and risks across the organization.
* Knowledge of Security and Control Frameworks such as NIST, ISO, Cloud Security Alliance, CMMC, etc.
* Knowledge of network protocols IDS/IPS, DNS, TCP/IP, network defense components.
* Security-related qualification(s) such as CISSP, GPEN, GCIH, CEH, CISA, CRISC, IAT, CISM, or GIAC.
Candidates with additional knowledge and skills in areas such as healthcare, privacy, and financial compliance regulations, secure deployment of applications within cloud environments, law enforcement, defense, or intelligence community, and Vulnerability Management Tooling will be highly regarded.