NYSTEC has a job opening for an associate vulnerability analyst. Are you ready to contribute to our engaged workforce and to deliver the NYSTEC Experience?
Department: Cyber Security & Data Privacy
Location: New York, NY
Salary: $91,761.00 – $126,173.00
About Us
NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. We’re independent and vendor-neutral, so we have our clients’ best interests at heart. At NYSTEC, we know that we succeed when individuals and teams flourish personally and professionally, so our benefits and perks support that mindset.
About the Senior Consultant – Vulnerability Analyst
As a vulnerability analyst in NYSTEC’s Cybersecurity and Data Privacy Practice, you will collaborate with team members to conceptualize, deliver, and support our clients through today’s ever-changing cybersecurity landscape. NYSTEC is considered a trusted advisor, partner of choice, and employer of choice. We believe that every interaction is an opportunity to deliver exceptional service that empowers client success.
Serving as a vulnerability analyst, your day-to-day role as a NYSTEC consultant will include understanding the technical details of vulnerabilities, explaining details to both technical and non-technical stakeholders, assessing impacts and providing remediation support. This may include recommending compensating and mitigating controls based on impacts and risk levels. The successful candidate will have a demonstrated desire to learn and acquire new skills and be an effective communicator with client stakeholders. This position presents the candidate with an opportunity to provide support of vulnerability management that is critical to our client’s operations.
This role will be onsite in NYC.
Key Responsibilities: Senior Consultant – Vulnerability Analyst
Overall, in the role of senior consultant – vulnerability analyst you will:
- Understand the technical details of operating systems and software and information technology (IT) asset vulnerabilities.
- Consolidate vulnerabilities from multiple sources, e.g., vendors, the Cybersecurity and Infrastructure Security Agency (CISA), security researchers, security tools, and regulatory entities.
- Prioritize vulnerabilities, identify the impacted systems, and provide tracking and management.
- Perform validation testing of patched systems and applications.
- Explain risk and remediation details to technical and nontechnical stakeholders, including the impacts of vulnerabilities and recommendations for controls.
- Remain current with threat landscape and intelligence, emerging attack vectors, and vulnerability trends.
- Learn and adopt new vulnerability management tools and techniques.
- Participate in internal and client-facing meetings as well as public conferences.
- Prepare reports and presentations.
- Champion the NYSTEC behaviors.
About You
Required Qualifications: Senior Consultant – Vulnerability Analyst
Candidates applying for the role of senior consultant – vulnerability analyst should have the following knowledge, skills, and/or abilities:
- Demonstrated experience with vulnerability management.
- Experience with tools including, but not limited to Armis, Splunk, Secureworks, Tenable, and Rapid 7.
- Willingness to use tools to discover vulnerabilities (including scans, setup alerts, etc.) and support the tracking and validation of remediation.
- Experience with ServiceNow and SharePoint systems for collaboration and vulnerability tracking.
- Willingness to develop and share the skills necessary to create correlation searches in Splunk, in accordance with client priorities.
- Expertise in reviewing and interpreting the results of vulnerability scans, external and internal (authenticated).
- Experience with the analysis of intrusion detection systems/intrusion prevention systems (IDS/IPS) logs and ability to correlate activities with other logging sources.
- Organize project work into client presentations.
- Skills across multiple cybersecurity domains and assessment of risk.
- Willingness to seek knowledge and expertise through professional development within your specialty and follow up with action to improve quality and establish best practices.
- Ability to foster strong relationships with clients.
Preferred Qualifications: Senior Consultant – Vulnerability Analyst
- Vulnerability assessment cybersecurity certifications.
Education and Experience: Senior Consultant – Vulnerability Analyst
For the senior consultant – vulnerability analyst role, candidates should have the following education/experience:
- A bachelor’s degree in cybersecurity or a related field of study and eight or more years of experience. An equivalent combination of advanced education, training, and experience will be considered.
- Formal industrial control system/operational technology (ICS/OT) related cybersecurity training, certifications, or certificates.
Equal Employment Opportunity (EEO)
It is NYSTEC’s policy to provide equal employment opportunity (EEO) to all individuals, regardless of actual or perceived race, color, creed, religion, sex or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), age, national origin, ancestry, citizenship status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, military service and veteran status, sexual orientation, marital status, or any other characteristic protected by local, state, or federal laws and ordinances. NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law.
Reasonable Accommodations
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact Talent Management-Confidential@nystec.com if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
Work Authorization
Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.
Learn More about NYSTEC
Interested in NYSTEC’s culture and values? Find out what it’s like to be a NYSTECer.
Apply Today
If you’re an effective communicator who enjoys working in complex and collaborative environments, using your critical thinking and research skills to develop solutions for clients, and providing support to customers, we want to hear from you.
Do work that matters.