Associate Consultant

Job description:

Role #2 - Operating System Vulnerability Management Specialist
Job Summary: We are seeking a highly skilled and motivated Operating System Vulnerability Management Specialist to join our team. The successful candidate will be responsible for identifying, evaluating, and mitigating security vulnerabilities within our operating systems. This role involves working closely with various departments to ensure the security and integrity of our IT environment.
This the candidate will work closely with the Desktop Engineering, Server Engineering, Security Engineering and Operations teams to identify, implement and maintain all related security controls, policies, procedures (including security patching for the operating system and/or the applications ) on physical, virtual and cloud platforms.
Key Responsibilities:
Vulnerability Assessment: Conduct regular vulnerability assessments to identify security weaknesses.
Risk Evaluation: Evaluate the severity of vulnerabilities and prioritize remediation efforts based on risk assessment.
Remediation Coordination: Collaborate with application owners, developers, and IT operations to develop and implement remediation plans for identified vulnerabilities.
Monitoring and Reporting: Continuously monitor the application environment for new vulnerabilities and provide regular reports on the status of vulnerability management efforts.
Training and Awareness: Provide training and awareness programs to educate staff on application security best practices and vulnerability management processes.
Compliance: Ensure compliance with relevant security standards and regulations, such as NIST, CISA, and internal security policies.
Desired Skills:
Proactively identify and resolve issues while making recommendations to management/colleagues on continued improvement of processes
Organized - able to take notes, provide clear & concise status and ability to formulate a recommended action plan based on issues encountered
Experience collaborating between Server and Information Security teams.
Complete tasks with minimum oversight aligned to the corporate objectives
Experience balancing risk to the business functions with security risks
Excellent Communication skills (Written and Verbal): o Clear and concise executive summaries
Highly technical and detail oriented with peers
Self-motivated, desire to drive change to new technologies that will benefit the firm
Knowledge of Splunk search language is preferred
Creating documentation and presentations to represent new technologies
Hardening OS and ensuring environment is consistent using MS Intune configuration management

Qualifications:
Education: Bachelor's degree in Computer Science, Information Security, or a related field.
Experience: Minimum of 3-5 years of experience in application security, vulnerability management, or a related field.
Technical Skills: Proficiency with vulnerability scanning tools (e.g., Tenable, Rapid7), and familiarity with security frameworks and standards (e.g., NIST, CISA).
Certifications: Relevant certifications such as CISSP, CEH, or OSCP are preferred.
Communication: Excellent verbal and written communication skills, with the ability to effectively communicate complex security issues to technical and non-technical stakeholders.
Problem-Solving: Strong analytical and problem-solving skills, with the ability to think critically and make sound decisions under pressure.
Team Player: Ability to work collaboratively in a team environment and build strong relationships with colleagues across different departments.

• To clearly understand the client's cybersecurity environment and respective product.
• To monitor, configure, and troubleshoot cybersecurity issues and related monitoring