Threat and Vulnerability Management Analyst
Sofia, Bulgaria
Integrity360
Integrity360 are the fastest growing cyber security specialists in Europe. Learn more about how we can help your organisation grow securely.
Title: Threat and Vulnerability Management Analyst
Location: Bulgaria
Job type: Full-Time Permanent
Salary: Negotiable / DOE
About Us
Integrity360 is one of Europe’s leading cyber security specialists, operating from office locations spread across Europe and providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients. With four top-class Security Operation Centers, we offer complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services.
What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on technical expertise and that philosophy remains today. The skills and experience in our company are some of the greatest in the industry and clients remain with Integrity360 because they can rely on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services.
Job Role
You should be passionate about the security field with a strong desire to learn. As a threat analyst you will use your technical experience and inquisitive nature. In this role you will be expected to perform traffic analysis, intrusion analysis and detection of threats based on system alerts and logs. Additional duties would include the authoring of security procedures. You will be required to monitor third party security related websites, forums, and mailing lists for information regarding vulnerabilities and exploits. The security analyst will verify the vulnerabilities; correlate and collate the information; and develop, edit, and deliver security reports to enterprise-level customers. The role requires flexibility and the ability to work extra hours when the business calls for it. A good knowledge of Information Security is required for this role.
Primary Duties/Responsibilities include:
- Perform vulnerability assessment and policy compliance scanning on desktops/laptops, servers, network devices, web apps, etc.
- Review all security baselines for different systems and create/update policies and controls for compliance scans.
- Review security events to evaluate the risk they present in the context of the environment they are in.
- Reporting priority security findings and information to relevant stakeholders.
- Review vulnerability and compliance reports and track remediation activities.
- Evaluate, analyze, and derive actionable threat intelligence from a variety of open-source, commercial, and private sources to deliver quality deliverables to both technical and executive audiences.
- Assess, curate, and manage multiple threat intelligence feeds to enable the correlation of security events
- Participate in the research and development of next-generation analytics using internal log data and external data sources to identify attack patterns that evade traditional countermeasures.
- Review the existing Policies and Standards and make recommendations as they relate to vulnerability management and policy compliance.
- Monitor internal security tools and provide reporting as necessary.
- Identify and classify false positive findings in assessment results.
- Provide technical reports on assessment findings to facilitate remediation tasks for other operational teams.
- Document work efforts and update the tool documents that are already in place.
- 24 x 7 on-call support on a Rota basis may form part of the role
Desired Skills
- Knowledge of Qualys, Tenable, Rapid7, or any other scanning tools for web application scanning, vulnerability management and policy compliance.
- Ability to leverage insight from internal telemetry and an emerging threat landscape to describe and anticipate actions by cybercriminal, hacktivist, and cyberespionage actors.
- Comprehensive understanding of threat landscape and adversary technologies, capabilities, targeting profiles, and motivations to assess and attribute observed malicious activity.
- Familiarity with the application of the cyber kill chain, diamond model, and other threat intelligence-based models to conceptualize advanced cyber-attacks.
- Capacity to provide both high-level and technical briefings on emerging threats and vulnerabilities, collaborating with extended Cyber teams to assess risk.
- Conceptual knowledge in Networks and Network Security.
- A process of on-going certification for the benefit of the business and for self-development is a must.
- Understand the security best practices and security frameworks.
- Experience in Threat and Vulnerability Assessment and Investigation with a keen interest in keeping up to date with the latest threats and attack techniques.
- Experience with CVSS interpretation.
- Strong Microsoft Excel skills, especially with the application's database and formula functionality.
- Familiarity with controls and control frameworks (e.g. NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, OWASP, ISO, COBIT, etc.)
- Demonstrated analytic expertise – to include ability to think critically and logically in a dynamic, high-pressure, fast-paced environment.
- Good organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel.
- Good technical writing, research, analysis and analytical/problem-solving skills.
- Ability to confront challenges in a constructive fashion and influence others through consensus-building techniques.
- A passion for cybersecurity, self-starter mentality, flexibility and willingness to take on new challenges and the ability to thrive in a team environment.
- Excellent command of English is a must
Certifications/Qualifications
The following would be considered an advantage but is not a must
- Security industry certifications: OSCP, GCIA, GCIH, GSEC, CEH, GPEN, GWAPT or similar security certifications
- Vendor specific certifications: Qualys, Tenable, Rapid7, Splunk, Digital Shadows, or similar
- Experience using SIEM/SEM solutions is a plus.
- Experience with API integrations is a plus.
- Knowledge of threat hunting techniques.
What’s in it for you
At Integrity360 we aim to reflect what’s important through the benefits we offer. We survey our people regularly and encourage discussions around these topics so we can understand what really makes a difference. Our benefits priorities are physical, mental, and financial wellbeing.
Mental & Physical wellbeing benefits:
- Premium private healthcare by Uniqa with extended coverages
- Dental coverage, claim up to 400BGN/year
- Optical coverage, claim up to 100BGN/year
- Life insurance
- MultiSport card fully covered
Financial wellbeing:
We guarantee that every employee will have their pay reviewed at least once every year, if not more regularly. We aim to pay within the market range for all roles and keep pace with inflation on average.
What we offer:
- Twice yearly salary reviews
Other benefits include:
- 4 days additional annual leave (24 in total). Option to carry over up to 12 days into the next year.
- Our L&D program: we work with various platforms including Cybrary, Udemy, Preply, Pluralsight and HTB, ensuring our people are up to date with their industry knowledge and have further opportunities to upskill.