Threat Intelligence & Vulnerability Management Analyst

Responsibilities:

• Analyze and communicate emerging threats, including malware trends, tactics, and techniques.
• Conduct regular and on-demand vulnerability assessments across systems, applications, and cloud environments.
• Security Tool Management: Perform vulnerability scans using tools like QualysGuard to identify weaknesses in the organization's IT systems.
• Incident Response: Support incident response teams by identifying vulnerabilities exploited during attacks.
• Security Analysis: Analyze security data to identify trends, patterns, and anomalies, providing actionable insights to mitigate risks.
• Assess and prioritize vulnerabilities based on exploitability and potential impact, ensuring remediation timelines are met
• Regularly test patches and configuration changes to validate their effectiveness against identified vulnerabilities​.
• Collaboration and Communication: Work closely with IT and security operations teams to ensure vulnerabilities are remediated effectively and threat intelligence insights are actionable.
• Document and deliver detailed vulnerability assessment reports and threat analysis to technical and executive stakeholders.

Requirements:

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field.
• Certifications: Relevant certifications like CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker CEH, or GIAC Security Essentials (GSEC), etc.
• Experience: 1-5 years of experience in IT security, network security, or a similar role in a security operations environment.

Technical Skills:

• Familiarity with frameworks such as MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain for mapping adversary behavior.
• Hands-on experience with QualysGuard vulnerability scanners, along with strong knowledge of Security Information and Event Management (SIEM) tools like Alienvault.
• Proficiency in scripting languages such as Python, PowerShell, or Bash to automate tasks, including threat data collection and vulnerability scanning.
• A deep understanding of networking fundamentals, including TCP/IP, DNS, HTTP/S, and other common protocols, combined with a solid grasp of threat intelligence platforms and methodologies. 

Soft Skills:

• Strong analytical
• Problem-solving skills
• Attention to detail
• Effective communication.