IT Security Analyst 3 - Vulnerability Management

Candidates must be currently local within a commutable distance, no more than 1-1.5 hours. Manager is not interested in candidates who would need to relocate to accept the role. Position will be hybrid, in office 2 days a week upon start. Onsite interviews to be held at the Dimondale, MI office. (NO virtual interviews will be requested) Candidates submitted must be willing to attend a face-to-face interview.

·       Supports vulnerability management scanning and reporting tools (requires strong Linux, Windows and/or UNIX administrative knowledge for troubleshooting).

• Automates processes with scripting such as bash, PowerShell, and Python.
• Parses logs in an automated fashion using Grep, AWK, Sed, etc.

·       Creates integration of vulnerability management data with other State of Michigan enterprise services.

·       Conducts data analysis of vulnerability management data, often integrated with other data sources, to measure effectiveness of vulnerability remediation.  Data analysis tasks include large datasets, which include structured, semi-structured, and unstructured data.

·       Interfaces with other agencies to make recommendations on how to improve the security posture and reduce the number of security related vulnerabilities.

·       Conducts trend analysis, creates dashboards using data scripting to provide metrics on the performance of security responsibilities, controls, and creates new reports based on those collected metrics across multiple agencies.

·       Plans, schedules, implements, and maintains scalable vulnerability scans using modern vulnerability management scanning tools for high complexity devices.

·       While ensuring safe and timely scanning that has minimal/no impact on scan targets and provides troubleshooting of technical issues with scans.

·       Conducts internal vulnerability audits of servers, network devices, applications, and other devices.

·       Reviews and validates security procedures to ensure adequate security procedures have been developed to identify and classify cyber events.

Requirements

·       5+ years’ experience in IT Security

·       Extensive experience with vulnerability management scanning and reporting tools.

·       Experience with Linux, Windows, and Unix.

·       Experience with PowerShell and Python.

·       Experience with log parsing using - Grep, Sed and/or AWK.

·       Preferred experience with SQL ETL.