Analyst, Vulnerability & Threat

Job Title

Job Description

I. Job Summary | The Analyst of Vulnerability and Threat will assist in identifying, assessing, and mitigating cybersecurity vulnerabilities and threats to the organization. This individual will work closely with the manager and other team members to ensure the confidentiality, integrity, and availability of the organization's information assets. As a visible member within the Security team, you will be responsible for supporting the technical direction of security, participating in multiple, complex technical projects, and partnering with other groups within the organization to deliver tools and services that align with our security roadmaps.

II. Essential Job Functions

Weight % | Accountabilities, Actions and Expected Measurable Results

45% | Threat Management:

• Gather and analyze threat intelligence from various sources.

• Correlate data from SIEMs, EDRs, and network telemetry to validate findings and escalate confirmed incidents to incident response teams.

• Assist in the development and support incident response plans to address security incidents effectively.

• Conduct regular threat assessments and testing, including penetration testing/red teaming to evaluate the organization's security posture.

25% | Threat Hunting, Research and Analysis:

• Perform in-depth analysis of publicly disclosed vulnerabilities and assess organizational exposure.

• Assess and test the effectiveness of current detection and prevention technologies, identifying gaps and recommending improvements.

• Proactively identify potential threats by developing and executing threat-hunting campaigns across networks, endpoints and cloud environments.

• Leverage threat intelligence, behavioral analytics, and anomaly detection to uncover indicators of compromise (IOCs) or advanced persistent threats (APTs) that evade standard detection tools..

• Refine and create new alerting logic, detection signatures, and playbooks based on hunting outcomes.

• Develop and maintain security documentation and procedures.

20% | Vulnerability Management:

• Assist in conducting regular and ad-hoc vulnerability scans and assessments using a variety of tools (SAST, DAST, IAST, etc.) and techniques.

• Analyze scan results and identify critical vulnerabilities.

• Help maintain vulnerability assessment tools and technologies.

• Research and document vulnerabilities based on risk and potential impact.

• Collaborate with IT, Engineering and business units to ensure timely remediation in accordance to SLAs.

• Track remediation progress and ensure timely closure of vulnerabilities.

10% | Collaboration and Communication:

• Work closely with IT, engineering, operations and other stakeholders to ensure effective collaboration.

• Communicate security risks and recommendations to management and stakeholders.

• Assist in the development and delivery of security awareness training programs.
   

III. Minimum Qualifications and Job Requirements | All must be met to be considered.

Education: Bachelor's degree in Computer Science, Information Security, or a related field or equivalent experience.

Experience: Minimum of 1-3 years of experience in cybersecurity, with a focus on vulnerability and threat management.

Relevant certifications such as CEH, OSCP, Security+, or GIAC certifications are desirable.

Specific Knowledge, Skills and Abilities:

• Cybersecurity expertise: Security principles, vulnerabilities, threats, container security and cloud security (AWS, GCP, Azure).

• Vulnerability and Threat Management: Assessment, threat modelling (STRIDE / MAESTRO methods preferred), penetration testing, intelligence gathering and analysis.

• OS Security and Compliance: Linux, Windows, Mac, G-Suite, GWS Administration, SOC 2, NIST CSF, SOX, PCI-DSS.

• Technical skills: Scripting (Python, Powershell, Bash), incident investigation and response.

• Soft skills: Communication, interpersonal skills, organization, time management, teamwork, and the ability to work independently in a fast-paced environment.

• Additional requirements: Occasional travel and on-call availability.

It is the policy of People Inc. to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, the Company will provide reasonable accommodations for qualified individuals with disabilities. Accommodation requests can be made by emailing [email protected].

The Company participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: https://www.e-verify.gov/employees

Pay Range

The pay range above represents the anticipated low and high end of the pay range for this position and may change in the future. Actual pay may vary and may be above or below the range based on various factors including but not limited to work location, experience, and performance. The range listed is just one component of People Inc's total compensation package for employees. Other compensation may include annual bonuses, and short- and long-term incentives. In addition, People Inc. provides to employees (and their eligible family members) a variety of benefits, including medical, dental, vision, prescription drug coverage, unlimited paid time off (PTO), adoption or surrogate assistance, donation matching, tuition reimbursement, basic life insurance, basic accidental death & dismemberment, supplemental life insurance, supplemental accident insurance, commuter benefits, short term and long term disability, health savings and flexible spending accounts, family care benefits, a generous 401K savings plan with a company match program, 10-12 paid holidays annually, and generous paid parental leave (birthing and non-birthing parents), all of which may vary depending on the specific nature of your employment with People Inc. and your work location. We also offer voluntary benefits such as pet insurance, accident, critical and hospital indemnity health insurance coverage, life and disability insurance.