Cloud Operations Vulnerability Analyst - Santa Ana

The following are key responsibilities we are looking for BUT we are keen to recruit talented individuals who have a learning agility and looking to develop their career further.

Vulnerability Assessment:

• Analyze vulnerability scan results to determine the severity and impact of identified vulnerabilities.

Remediation Planning:

• Management and Monitoring of existing vulnerabilities, status and remediation owners to closure
• Collaborate with IT and security teams to develop and implement remediation plans.
• Prioritize vulnerabilities based on risk and impact to the organization.

Mitigation and Resolution:

• Apply patches, updates, and configuration changes to mitigate vulnerabilities.
• Verify that vulnerabilities have been effectively addressed and no longer pose a threat.

Monitoring and Reporting:

• Generate detailed reports on vulnerability status, remediation progress, and security metrics for management and stakeholders.

Documentation and Compliance:

• Maintain thorough documentation of all vulnerability management activities.
• Ensure compliance with relevant security standards, regulations, and best practices.

Incident Response:

• Participate in incident response activities when vulnerabilities are exploited.
• Assist in the investigation and resolution of security incidents.

Technical Skills:

• Strong understanding of network and system security concepts.
• Experience with patch management and system configuration.
• Deep understanding of Windows Server and Windows client operating systems, including security features and common vulnerabilities.
• Familiarity with various Linux distributions (e.g., Red Hat, Ubuntu, CentOS) and Unix systems, including command-line proficiency and security configurations.
• Understanding of network security principles, including segmentation, VPNs, and intrusion detection/prevention systems (IDS/IPS).
• Knowledge of common cybersecurity threats and attack vectors, including malware, ransomware, phishing, and zero-day exploits.

Must haves:

• At least 2-4 years of experience in vulnerability management, information security, or a related field.
• Technical Background in Infrastructure preferably in Cloud

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
• High level of attention to detail to ensure accurate identification and remediation of vulnerabilities.
• Strong understanding of security principles, standards, and frameworks (e.g., CIS, NIST, ISO 27001).
• Proactive approach to security, constantly seeking to identify and mitigate potential risks before they can be exploited.
• Excellent analytical and problem-solving skills to address complex security issues.
• Strong written and verbal communication skills, with the ability to explain complex security issues to non-technical stakeholders.
• Strong interpersonal skills with the ability to work effectively in a team environment and collaborate with various stakeholders.
• Ability to quickly adapt to changing security landscapes and learn new tools and techniques as needed.

WTW is an Equal Opportunity Employer