Vulnerability Security Business Analyst

---

Job description

Job Description

Description:
Vulnerability Security Business Analyst responsible for reviewing Qualys & ServiceNow Drift data to ensure its accuracy, generate reports to address the security findings. You will also be responsible for building and submitting reports/dashboards for audit and compliance, internal teams and to construct new views as required. Review the existing policies and standards and make recommendations to improve accuracy and ease of readability for end users. You will be required to work with offending teams to guide remediation efforts within the allotted service level agreement timelines. Review vulnerability reports and ensure that remediation is prioritized and performed in a timely manner. Follow up with the appropriate teams to ensure Service Levels are met and escalate to the appropriate management teams. Track and manage product requirements stemming from improvements in the vulnerability management program.

Responsibilities:
- Develop and maintain process and procedure documents
- Develop and maintain management dashboards using JIRA and ServiceNow
- Develop business unit metrics and reporting
- Follow up on outstanding vulnerabilities
- Monitor and report on key vulnerability indicators and performance metrics
- Must be able to interface and coordinate work efficiently and effectively with business colleagues in different global locations and time zones
- Strong written and verbal communication skills
- Ability to manage multiple tasks concurrently
- Clearly articulate product requirements as necessary to modify systems like ServiceNow and Qualys
- Identify and manage issues, risks and dependencies across the vulnerability management program
- Create and publish regularly scheduled and/or ad hoc reporting
- Develop and maintain security utilities and metrics dashboards that help team to track/report on compliance

Qualifications/Experience:
- Bachelor degree in Computer Science, IT Information or related field
- 3-5 years of experience with vulnerability management or hardening/Drift management
- Experience as a Qualys administrator, ServiceNow administrator or have managed a Hardening/Drift management programs is recommended
- Strong business analysis skills and an ability to work well with all levels of an organization
- Understanding or practice of vulnerability management, hardening, Drift security concepts and the ability to relate/apply them to regulatory and compliance.
- Exceptional analytical and problem solving skills and experience in applying these skills to resolve issues encountered within the vulnerability management and regulatory audit process
- Familiarity with compliance rules and regulations (SOX, PCI, Financial Institution Regulations)
- Ability to clearly articulate issues and communicate in an effective and personable manner
- Strong attention to detail, project management and organizational skills
- Effective communication and collaborative verbal, written and listening skills; and experienced in communicating via video conferencing, phone conference calls, email, instant messaging and in person
- Ability to work independently and collaboratively within virtual and in-person environments
- Experienced in summarizing progress for executive reporting, progress metrics reporting and within Agile methodology reporting