Analyst, Vulnerability Management

Your Future Evolves Here

Evolent Health has a bold mission to change the health of the nation by changing the way health care is delivered. Our pursuit of this mission is the driving force that brings us to work each day. We believe in embracing new ideas, challenging ourselves and failing forward. We respect and celebrate individual talents and team wins. We have fun while working hard and Evolenteers often make a difference working in everything from scrubs to jeans.

Are we growing? Absolutely and Globally. In 2021 we grew our teams by almost 50% and continue to grow even more in 2022. Are we recognized as a company you are supported by for your career and growth, and a great place to work? Definitely. Evolent Health International (Pune, India) has been certified as “Great Places to Work” in 2021. In 2020 and 2021 Evolent in the U.S. was both named Best Company for Women to Advance list by Parity.org and earned a perfect score on the Human Rights Campaign (HRC) Foundation’s Corporate Equality Index (CEI). This index is the nation's foremost benchmarking survey and report measuring corporate policies and practices related to LGBTQ+ workplace equality.

We recognize employees that live our values, give back to our communities each year, and are champions for bringing our whole selves to work each day. If you’re looking for a place where your work can be personally and professionally rewarding, don’t just join a company with a mission. Join a mission with a company behind it.

What You’ll Be Doing:

Job Summary: 

We are seeking dedicated professionals who are committed to reducing risk within our Vulnerability Management team. 
This is a challenging opportunity for an Analyst, Vulnerability Management who will play a key role in supporting the vulnerability management program and ensuring the security of Evolent Health's systems and assets.

Responsibilities:

•    Assist in managing the vulnerability management program, following established policies and processes.
•    Collaborate with stakeholders to identify gaps in processes and propose necessary enhancements.
•    Support the expansion of vulnerability scanning coverage to ensure comprehensive risk assessment.
•    Assist in improving the security of Docker images, web applications, and other assets.
•    Collaborate with stakeholders to coordinate scanning and remediation efforts.
•    Conduct health checks for vulnerability management tools and reconcile asset information.
•    Contribute to the development and maintenance of metrics and key performance indicators (KPIs) for vulnerability management.
•    Participate in meetings with stakeholders to address open vulnerabilities and reduce risk.
•    Review vulnerabilities based on threat intelligence and prioritize remediation efforts accordingly.
•    Foster effective collaboration with platform owners and application teams to raise awareness and address vulnerabilities.
•    Collaborate with IT infrastructure partners on strategic and tactical plans.
•    Communicate with stakeholders to assess the impact and likelihood of loss events.
•    Generate reports and dashboards using security tools such as Splunk Enterprise to present actionable insights.
•    Contribute to the creation of Standard Operating Procedures and Working Instructions for the vulnerability management process.

Skills and Education:

•    Bachelor's degree in Computer Security, Computer Science, or a related field.
•    2+ years of experience in vulnerability management or a related field.
•    Familiarity with patch management processes.
•    Proficiency in configuring and troubleshooting Microsoft Windows and Linux-based environments.
•    Experience with OS patch management on MS Windows and Linux servers in virtualized environments.
•    Knowledge of vulnerability management principles acquired through education and practical experience.
•    Understanding of vulnerability ratings, criticality, and impact.
•    Eagerness to stay updated on new vulnerabilities and their associated risks.
•    Familiarity with vulnerability management tools like Tenable or Qualys is a plus.
•    Strong analytical and problem-solving skills.
•    Excellent written and verbal communication skills.
•    Ability to manage stakeholders effectively.

Preferred :

•    Certification such as CISSP, CISM, and CEH would be advantageous.

Mandatory Requirements:

Employees must have a high-speed broadband internet connection with a minimum speed of 50 Mbps and the ability to set up a wired connection to their home network to ensure effective remote work. These requirements may be updated as needed by the business.

​

Evolent Health is an equal opportunity employer and considers all qualified applicants equally without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status.