Vulnerability Analyst
Indexed description
Job Title: Vulnerability Analyst
Work Location & Reporting Address: Atlanta, GA 30308 (Hybrid)
only GC/USC
Job Details:
Minimum years of experience required: 10+ years
Must Have Skills:
• 5+ years of experience in vulnerability management support, with knowledge or regulatory frameworks (i.e., FFIEC, NIST).
• Experience leading patch & vulnerability management support programs.
• Experience with ServiceNow, including dashboard creation and reporting.
• Experience with patching, upgrades, and system lifecycle management
Nice to Have Skills:
• ServiceNow Administration – Experience administering and supporting ServiceNow, including Vulnerability Response (VR).
• Data Visualization & Reporting – Strong proficiency in reporting and analytics tools such as Power BI and Tableau to track and communicate risk and remediation metrics.
• Security & Infrastructure Tooling – Familiarity with enterprise tools such as ServiceNow VR, Microsoft SCCM/MECM, Cisco Intelligent Insights, and Qualys.
• Cloud & Container Vulnerability Management – Proven experience identifying, analyzing and driving remediation of vulnerabilities across cloud platforms (AWS/Azure), including containerized and Kubernetes environments.
• Container & Kubernetes Knowledge – Working knowledge of container technologies and orchestration platforms, including Kubernetes.
Detailed Job Description:
Job Summary:
Responsible for executing vulnerability management governance & oversight activities across enterprise technology assets, including identification, analysis, prioritization, and remediation of security vulnerabilities. This role partners closely with Cybersecurity, Technology, and Risk teams to reduce risk exposure and ensure alignment with Truist security standards, policies, and regulatory requirements.
Job Description
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Following is a summary of essential functions for this job. Other duties may be performed as needed.
• Governance, Reporting & Compliance: Track and report vulnerability remediation status, metrics, and trends. Ensure alignment with enterprise governance frameworks, audit requirements, and regulatory standards.
• Collaboration & Partnership: Build strong partnerships with infrastructure, application, and platform teams to drive timely remediation. Communicate effectively with stakeholders across technology and risk organizations to ensure alignment and transparency.
• Vulnerability Management & Risk Reduction: Execute vulnerability remediation activities across infrastructure, applications, and platforms. Address vulnerabilities identified through automated scanning, threat intelligence, and vulnerability coordination efforts, aligned with priorities established by Truist Threat Exposure Management (TEM).
• Technical Analysis & Problem Solving: Conduct detailed technical assessments to understand vulnerability impact, root cause, and exploitability. Develop and recommend remediation or mitigation strategies that align with business and technical constraints.
• Risk-Based Prioritization: Assess and prioritize vulnerabilities based on severity, business impact, and threat context. Ensure adherence to enterprise risk tolerance, service-level agreements (SLAs), and regulatory expectations.
• Security Vulnerability & Controls Alignment: Support secure configuration, system hardening, and patching practices across distributed environments. Align remediation activities with enterprise security baselines, CIS benchmarks, and Truist policies.
• Continuous Improvement: Identify opportunities to improve efficiency through automation, scripting, and process optimization. Contribute to enhancements in vulnerability management tooling, reporting, and workflows.
• Remediation Support: Assist in incident response efforts when vulnerabilities represent active or imminent threats.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search