We have a great opportunity for a talented and self-motivated Senior Vulnerability Management Analyst to join our Cyber Risk Management & Security team in NCS. At NCS, we seek to nurture talents in creating and developing innovative solutions. If you are passionate about new technologies and new ideas, NCS could be a place for you!
The NCS Cyber Risk Management & Security team is looking for a Senior Vulnerability Management Analyst to be part of a newly setup Cyber Operations function. As part of a new function you will have the opportunity to work closely with multiple teams on the development of Cyber Operations and the ability to shape and influence the security monitoring process and other cyber operations activities. You will report to the Cyber Security Operations Lead and be responsible for daily SIEM monitoring & investigation and have a part to play on application security and vulnerability management.
- Perform core cyber-security operation functions such as security monitoring, vulnerability management and application security.
- Monitor and perform deeper analysis, trending and root cause analysis of security events from SIEM, whilst creating process and procedures where none are already established.
- Perform AppSec assessments for selected applications using a combination of threat modelling, vulnerability research, code scanning, application security testing and recommendation of proper remediation actions.
- Support a continuous vulnerability scanning and reporting program encompassing a vast network of internal and public-facing IT assets across multiple platforms and architectures.
- Experience in discovery of vulnerabilities, prioritization of data and vulnerabilities, remediation of vulnerabilities, and verification through risk-based analysis of findings.
- Create and enhance threat detection use cases to identify suspicious cyber threats or anomaly activities.
- Be on standby rotation for cyber operations duty.
The ideal candidate should possess:
- Degree/Diploma or higher in Computer Science, Information Systems or equivalent.
- At least 5 years of experience in cyber security operations or cyber security engineering.
- Strong knowledge of various automated security control systems, encryption, message authentication, vulnerability assessment, threat intelligence intrusion detection, penetration testing and incident response.
- Experience responding to security events, including front-line analysis and escalation, on hacktivist, cybercrime, and APT activity.
- Good knowledge in Incident response lifecycle, different Operating Systems, TCP/IP networking and application layers.
- Provide after-hours support on an on-demand basis.
- Ability to work independently and with minimal supervision on assignments.
- Strong analytical, problem solving, oral and written communications skills.
- Security certification is preferred, such as GIAC Certified Incident Handler (GCIH), GIAC Penetration Tester (GPEN) or GIAC Web Application Penetration Tester (GWAPT)
- At least 3 years of experience as a SOC senior security analyst or vulnerability management analyst