Cyber Security Analyst

Essential Job Responsibilities and Duties:   Vulnerability Analysis & Coordination Run scheduled and ad-hoc vulnerability scans across endpoints, servers, containers, cloud resources, and network devices (e.g., FortiClient, Nessus, ForeScout). Triage findings by severity, exploitability, asset criticality, and business impact; convert raw scan output into actionable tickets/work items. Coordinate remediation efforts with Infrastructure, DevOps, and Application teams; track patching and configuration changes to closure. Validate remediation via rescan/verification and update system-of-records Manage exception requests and temporary compensating controls for vulnerabilities that cannot be immediately remediated.   Threat & Risk Management Monitor relevant threat intelligence (e.g., RSOC, CSIRT, CVEs) to prioritize time-sensitive vulnerabilities. Perform risk assessments for high-value systems and new deployments; document likelihood/impact and recommended controls.   Governance, Compliance & Reporting Prepare biweekly/monthly reporting on vulnerability posture: open vulnerabilities, risk levels, impacted machines and OS, etc. Support audits by maintaining evidence: scan results, approvals, remediation artifacts, exception approvals, and metrics.   Project Management Responsibilities Plan and run small-to-medium vulnerability remediation projects (e.g., quarterly patch campaigns, SSL/TLS deprecation, legacy cipher removal). Create lightweight project artifacts: scope statements, task lists, milestones, RAID log (Risks, Assumptions, Issues, Dependencies). Facilitate cross-functional meetings; capture decisions and clear owners/due dates. Track remediation SLAs; escalate blockers to stakeholders; provide status updates (weekly summaries) to leadership. Drive continuous improvement initiatives, e.g., reducing false positives, automating ticket creation, optimizing maintenance windows. Coordinate change management (CAB submissions, rollout plans, rollback plans) for security-related changes.   Other Responsibilities and Duties: Other special projects, tasks or duties as assigned by supervisor and/or management.   Work Environment and Physical Demands: Most work is performed in a typical office setting. The work is mostly sedentary. The noise level in the work environment varies from moderate to loud. Open office environment exists. This position requires extensive communication with others internally to the company and with external customers and suppliers verbal and written. Required to work additional hours to meet deadlines, as necessary.   Equipment and Supporting Services: Basic Equipment needed is Computer, Desk Phone, Business Cards and Security Badge. Cell Phone optional: BYOD (Bring Your Own Device) allows the use of personal smartphone or iPad tablet to be connected to company apps   Qualifications:   Education and Experience: Bachelor’s degree or higher in computer science, computer engineering, information technology or any related field from a four-year college, university or technical school. 5+ years of relevant experience 2+ years experience in project management.   Special Skills: 2–5 years in security or infrastructure roles with vulnerability management exposure. Familiarity with Forticlient,Nessus, Jira, Intune and SIEM tools. Strong communication, coordination, and project management skills. Certifications (Security+, CySA+, AZ-500) are a plus. Strong creative and analytical thinking Willingness to operate and progress in areas that are outside of previous experience Ability to multi-task and prioritize across concurrent projects may be required.