Cradlepoint is seeking a highly motivated Security Vulnerability Analyst to join our dedicated security team. This pivotal role is responsible for the end-to-end vulnerability management practice, encompassing identifying, researching, prioritizing, remediating, and mitigating vulnerabilities. You will work alongside a highly skilled and diverse team, ensuring the continuous security and integrity of our information assets.
What You Will Do: Key Responsibilities
- Perform daily operations and maintenance of vulnerability scanning tools and their supporting infrastructure.
- Register assets in the scanning tool and execute scans according to the agreed schedule.
- Conduct comprehensive Vulnerability Management, including supporting scan tools, executing vulnerability scans, performing CIS Hardening, conducting analysis, and recommending/tracking mitigations.
- Monitor ticket and email queues for incoming Vulnerability & Pen test requests.
- Monitor email/web-based reporting of vulnerabilities from external reporters.
- Report and track the completion status of vulnerability assessment scans.
- Perform periodic validation of assets through the Central Depository.
- Review and analyze security vulnerability data to identify applicability and false positives, and recommend corrective actions for mitigation.
- Publish reports on identified security vulnerabilities and control gaps found during security control reviews, as per defined schedules.
- Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
- Hold overall responsibility for the governance and tracking of the Vulnerability Remediation action plan.
- Plan and coordinate vulnerability scanning schedules with customers and stakeholders.
- Assist in metrics development and reporting for vulnerability management activities.
- Participate in the out-of-hours on-call rotation, providing technical support to the business for major and critical incidents.
Required Qualifications
- Education: Bachelor's Degree (B.E./B.Tech) in Computer Science or a related field.
- Solid understanding of security controls (e.g., access control, auditing, authentication, encryption, integrity, physical security, and application security).
- Working knowledge of scanning tools such as Nessus, Qualys, Netsparker, Fortify, etc.
- Strong understanding of enterprise, network, system, and application-level security issues.
- Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks, including available security controls (technical & process controls) for respective layers.
- The ability to provide support after normal business hours.
- The ability to work constructively under pressure.
- Ability to work both in a team and individually.
- Strong knowledge-sharing and collaboration skills.
- Ability to deliver results and meet customer expectations.
- Excellent communication skills; English is a must.