Vulnerability Intelligence Analyst
HBP (Amsterdam - Haarlerbergpark)
Applications have closed
About Us: Join our dynamic and innovative Global Threat Management Team, where we proactively identify, analyze, and mitigate potential threats to our organization's security. Our mission is to stay ahead of emerging threats and ensure the safety and integrity of our information systems. We are seeking a highly motivated Vulnerability Intelligence Analyst to help us protect our digital assets.
Job Summary: As a Vulnerability Intelligence Analyst, you will play a crucial role in identifying, assessing, and managing vulnerabilities across our global network. You will be responsible for gathering and analyzing vulnerability intelligence from various sources, providing actionable insights, and collaborating with cross-functional teams to remediate identified risks. This position requires a keen analytical mind, a proactive approach, and a deep understanding of the threat landscape.
Key Responsibilities:
- Vulnerability Assessment: Conduct regular vulnerability assessments using industry-standard tools and methodologies to identify security weaknesses in our systems, applications, and networks.
- Intelligence Gathering: Monitor and collect vulnerability intelligence from diverse sources, including security advisories, threat feeds, open-source intelligence (OSINT), and dark web forums.
- Analysis and Reporting: Analyze vulnerability data to determine the potential impact on the organization. Prepare detailed reports and risk assessments for key stakeholders, highlighting critical vulnerabilities and recommended remediation steps.
- Threat Mitigation: Collaborate with the Incident Response, IT, and Development teams to prioritize and address identified vulnerabilities. Provide guidance on best practices for vulnerability mitigation and security hardening.
- Threat Modeling: Develop and maintain threat models to anticipate potential attack vectors and identify vulnerabilities in new and existing systems.
- Tool Management: Manage and maintain vulnerability scanning tools and platforms. Ensure tools are updated with the latest signatures and configurations to provide accurate and comprehensive assessments.
- Security Awareness: Participate in the development and delivery of security awareness training programs to educate employees about vulnerability risks and best practices for security hygiene.
- Continuous Improvement: Stay current with the latest vulnerability trends, attack vectors, and security technologies. Continuously improve vulnerability management processes and tools to enhance the organization's security posture.
- Compliance: Ensure all vulnerability management activities comply with relevant industry standards, regulations, and internal policies.
Qualifications:
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CEH, GIAC) are a plus.
- Experience: Minimum of 3-5 years of experience in vulnerability management, threat intelligence, or a related field.
- Technical Skills: Proficiency with vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7). Strong understanding of network protocols, operating systems, and security frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain, NIST). Proficiency in at least one programming language (e.g., Python, Java, C++) is crucial.
- Analytical Skills: Excellent analytical and problem-solving skills. Ability to interpret complex data and provide actionable insights.
- Communication: Strong written and verbal communication skills. Ability to convey technical information to non-technical stakeholders clearly and concisely.
- Team Player: Proven ability to work collaboratively in a team-oriented environment. Strong interpersonal skills and a proactive approach to problem-solving.
- Adaptability: Ability to thrive in a fast-paced, dynamic environment and manage multiple priorities effectively.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: C CEH CISSP Compliance Computer Science Cyber Kill Chain GIAC Incident response Java MITRE ATT&CK Nessus NIST OSINT Python Qualys Risk assessment Threat intelligence Vulnerabilities Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.