Vulnerability Analyst

Job Summary:

As the Vulnerability Management Analyst under the Global Fusion Center US, you will be responsible for uncovering and mitigating the evolving cyber threats through rigorous testing and vulnerability management methodologies. Your role will be key in the development, installation, configuration, and continuous improvement of the global vulnerability management service.

Essential Job Functions:

• Identify and report vulnerabilities on cloud infrastructure, workstations, data center systems, network equipment, and applications
• Support the vulnerability management program to ensure coverage and accuracy of the various vulnerability scanning and reporting tools throughout the infrastructure and applications
• Assist in enhancing procedures by automating daily activities, integrating vulnerability management solutions, and applying best practices
• Assist in prioritizing remediation and mitigation activities using risk criteria such as CVSS, exposure, and asset criticality
• Perform enterprise-wide scheduled and ad-hoc vulnerability assessments, including network, agent, and authenticated scans
• Assist in the development of vulnerability reports/metrics to stakeholders
• Assist in the development of vulnerability management procedures

Other Functions:

• Comply with proper internal controls as necessary to conduct job functions and/or carry out responsibilities and/or administrative activities at the Company
• Perform special projects and other duties as may be assigned
• Establish and build strong working relations and partnerships with other teams, Group Companies, and senior management

Qualifications:

• 3-5 years experience in vulnerability management or other operational security function
• Bachelor’s degree in computer science, cybersecurity, or a related field preferred
• Relevant cyber defense / vulnerability management certifications such as Security+, CySA+ are preferred
• Expertise in Vulnerability Tool configuration, deployment, engineering, and defining policies and procedures
• Sound knowledge of common infrastructure and web application vulnerability categorizations such as CVE, CVSS, CWE
• Knowledge of cybersecurity frameworks and standards (NIST, MITRE ATT&CK etc.)
• Understanding of networks, operating systems, and architecture and how they affect the security posture of a company
• Strong analytical and problem-solving skills
• Excellent communication, writing, and collaboration abilities

EEO Statement:

Tokio Marine Group of Companies (including, but not limited to the Philadelphia Insurance Companies, Tokio Marine America, Inc., TMNA Services, LLC, TM Claims Service, Inc. and First Insurance Company of Hawaii, Ltd.) is an Equal Opportunity Employer. In order to remain competitive we must attract, develop, motivate, and retain the most qualified employees regardless of age, color, race, religion, gender, disability, national or ethnic origin, family circumstances, life experiences, marital status, military status, sexual orientation and/or any other status protected by law.