Vulnerability Analyst Resume Sample
Work Experience
- Support Head of RTBVM with Vulnerability Management and Remediation. Deliver prioritised remediation initiatives in line with the team’s objectives
- Advanced knowledge of Microsoft Excel and the Microsoft Office Suite including VBA
- Knowledge of industry standard scoring models such as CVSS
- Support client facing / end user helpdesk and other IT Support Team’s
- Support efforts in critical infrastructure sectors and FEMA regions
- Support outreach activities to Federal, State and local government partners and the private sector, including requirements management
- Extensive technical writing skills and communication skills
- Experience with one or more enterprise vulnerability scanning products
- Capable of validating technical vulnerabilities in networks, operating systems, and applications
- Protects sensitive information and maintains the confidentiality and integrity of data through
- Knowledge of security management, network & protocols, data and application security solutions
- Manages the day-to-day operations of the security systems by monitoring system performance, configuration, maintenance and repair. Ensures that records of system downtime and equipment inventory are properly maintained
- Investigates and analyses security matters, identifies methods, solutions, responses to situations, and provides leadership and management in order to deliver a high level of service
- Performs troubleshooting as required, and can lead problem-solving efforts often involving vendors and other support personnel and/or organisations
- Develops procedures to maintain security and protect systems from unauthorised use, and acts of abuse
- Develops tools, procedures, and training sessions for security operations, and stakeholders across the Aviva group
- Stays current with developments in cyber security and recommends ways for Aviva to maximise value, and take advantage of new technology and techniques
- Familiar with system and application hardening standards
- Thorough understanding of how to calculate CVSS v3 adjusted scores
- Self-directed and accustomed to being part of a globally dispersed team
- Inspire and influence teams including staff and Health Information Technology & Services business partners to deliver risk management solutions and offerings effectively to the academic medical center’s community
- Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities specific to client's environment, and determine and implement mitigating controls
- Be a champion for vulnerability management and information security including broadening awareness and use of the team's services, education of security best practices and integration with other business areas
- Develop an understanding of Johnson Controls, PLC lines of business and potential threats
- Responsible for supporting Security Operations functions including Threat and Vulnerability Management
- Responsible for supporting 3rd party and internal assessments
Education
Professional Skills
- Scripting skills with an automation language (Perl, Python, PowerShell, Ruby, etc)
- Experience in managing and operating IT infrastructure with hands on experience on Firewall’s, VPN and other Security appliances
- Prior experience administering Windows and Linux systems; administrator and root privileges
- Strong experience analyzing exploits related to commonly exploited software
- Prior experience with Azure AD Connect synchronization tool
- Solid technical and security knowledge and experience with at least 5yrs experience in complex IT systems management and support
- Leadership and mentorship skills
How to write Vulnerability Analyst Resume
Vulnerability Analyst role is responsible for automation, software, training, integration, database, auditing, security, reporting, design, research.
To write great resume for vulnerability analyst job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Vulnerability Analyst Resume
The section contact information is important in your vulnerability analyst resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Vulnerability Analyst Resume
The section work experience is an essential part of your vulnerability analyst resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous vulnerability analyst responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular vulnerability analyst position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Vulnerability Analyst resume experience can include:
- Scripting experience (Various: Python /Perl/Java/Ruby etc)
- Solid understanding of existing threats & mitigation / remediation strategies
- Understands the importance of strong process and structured documentation / reporting capabilities
- PhD or Master in the field of Embedded Security and proven expertise (publications, etc.) in Side-Channel Analysis
- Identifying published vulnerabilities affecting and immediately understanding the exposure of the Bank's assets
- Identifying published vulnerabilities affecting and immediately understanding the exposure of the Banks assets
Education on a Vulnerability Analyst Resume
Make sure to make education a priority on your vulnerability analyst resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your vulnerability analyst experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Vulnerability Analyst Resume
When listing skills on your vulnerability analyst resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical vulnerability analyst skills:
- Strong team member skills, building and maintaining effective working relationships with key stakeholders in different disciplines and geographies
- Possession of excellent oral and written communication skills, including technical communication
- Demonstrate strong problem solving abilities whilst being able to work independently
- Proven experience with Vulnerability Assessment tools (Nexpose, Nessus, Qualys) required
- Prior work experience in systems administration
- Solid technical and security knowledge with at least 3yrs experience in complex IT systems management and support
List of Typical Experience For a Vulnerability Analyst Resume
Experience For RTB Vulnerability Analyst Resume
- Excellent written and verbal communication skills to draft and present comprehensive vulnerability assessment reports
- Management and communication with business critical stakeholders in order to respond effectively to imminent threats
- Relevant experience; or equivalent combination of relevant education and experience
- Communicate effectively through meetings, email and Microsoft Office
- Experience in presenting findings and making recommendations at a senior management level
- Inform remediation procedures and prioritization based on susceptibility by technical means and overall risk exposure
- BS in Computer Science or equivalent knowledge and experience
- Experience in vulnerability management or related cyber security field
Experience For Threat Intelligence & Vulnerability Analyst Resume
- Review and validate vulnerability findings
- Advise technical and non-technical audiences on appropriate prioritization of patch deployment
- Using scripting languages such as Python to write code to aid in investigations
- Understanding of Cybersecurity standards and frameworks, eg: ISO 27001 and 27002, NIST, CIS, OSA, OWASP, SANS, COBIT
- Identifying weaknessesand vulnerabilitieswithin the system and proposing countermeasures
- Knowledge of various operating systems and common applications
- Familiar with various testing tools & strategies
- Prepares reports on vulnerability testing and works with business units to develop remediation plans
- Have a broad scope of knowledge covering common IT technologies (OS, databases, network devices, applications)
Experience For Threat & Vulnerability Analyst Resume
- Technical understanding of cyber-attacks, threat vectors ,in particular insider threats
- Intermediate knowledge of Windows Server and Desktop operating systems
- Make decisions and take independent action on tactical and operational matters affecting Information Security issues
- (system design and engineering documents, operational run books)
- DoD 8570 IAT III Certification, including CASP CE, CISA, CISSP or Associate, or GCED, GICSP, or GCIH
- Capable of working in a fast paced agile environment
- Vulnerability assessment and port scanning expertise with various tools
- Broader overall security related responsibilities as part of a cutting-edge security team
- Contribute to design, development and maintenance of security standards and controls
Experience For Cybersecurity Vulnerability Analyst Resume
- Operating vulnerability assessment tools, including network scanners and host-based detection agents to provide continuous monitoring of the estate and detection of vulnerabilities. This includes the liaison and management of 3rd party vendors who provide independent vulnerability assessments of the perimeter
- Ensuring an active assessment capability across all networks and infrastructure. Continuing to monitor the effectiveness of this assessment capability and working with engineering teams to improve the capability where necessary
- The ongoing development of KPIs, reporting and metrics and communication as to the state of vulnerabilities globally
- Continuous analysis of vulnerability and security data to identify trends and weaknesses with patching effectiveness or a growing number of vulnerabilities in a specific area
- Perform vulnerability analysis and documentation
Experience For Lead Patch & Vulnerability Analyst Resume
- Engage with senior security researchers
- Document security tools and associated systems
- Perform security research activities on both known and unknown vulnerabilities
- Perform vulnerability/penetration assessments
- Knowledge of detection & protection technologies (IDS/IPS/WAF)
- Awareness of KillChain model
- Fast paced and versatile
- Be a champion for vulnerability management and information security including broadening awareness and use of the team’s services, education of security best practices and integration with other business areas
- Partner with other security and IT professionals to assess potential impact from vulnerabilities specific to Allstate’s environment, and determine and implement mitigating controls
Experience For Senior Patch & Vulnerability Analyst Resume
- Expierence with PowerShell scripting required
- Analysis of vulnerability scan data to identify critical vulnerabilities and to determine gaps in patch / vulnerability management processes
- Tracking publicly and privately released vulnerabilities and assists in the triage process including identification, criticality evaluation, remediation planning, communications and resolution
- Keep up with the changing nature of security threats and researches and investigates new and emerging vulnerabilities and participate in external security communities
- Develops reporting and metrics for various stakeholders as to the current vulnerability status for the environments they are responsible for
Experience For Citi Infrastructure Vulnerability Analyst Resume
- Provide reporting and analysis and follow up
- Knowledge of scripting and common web application languages
- Familiarity with vulnerability scanning platforms: Nexpose, Nessus, Qualys, OpenVAS, etc
- Develops procedures to drive maturity improvements to Aviva’s vulnerability management lifecycle
- Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure
- Daily assessment of vulnerabilities identified by infrastructure scan
- Evaluate, rate and perform risk assessments on assets
Experience For All Source Threat & Vulnerability Analyst Resume
- Send and receive notifications to the SMEs of vulnerabilities within the environment
- Maintain awareness of confirmed, potential, publicly disclosed (CVEs), and privately generated vulnerability information
- Assess complexity of, availability of, or feasibility to create an exploit
- Align vulnerability and asset inventory to ensure proper assessment coverage and frequency
- Measure for adherence with secure configuration best practice and develop benchmarks derived from industry sources such as DISA, STIGs, NIST, CIS, OWASP, and USGCB
- Coordinate and track interdepartmental remediation activities
- Monitor a strategic, comprehensive corporate, commercial and federal information security monitoring and operation program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization
- Daily security activities related to the protection of corporate and other federal assets including scanning tools and ticketing systems documenting the identification and remediation process for identified system flaws
Experience For Vulnerability Analyst Internship Resume
- Providing vulnerability assessmentand penetration testingservices to Citi businesses globally through a comprehensive testing process
- Create a detail technical report concerning vulnerabilities along with PoC code
- Share vulnerability intelligence with other security teams including threat intelligence, security operations and risk management
- Determine and suggest mitigating controls
- Interaction with multiple global teams (cyber analytics , hunt, security architecture, penetration testing, application development, Risk Officers, etc)
- Use a scripting language (Python, Perl, Ruby, etc.)
Experience For Vulnerability Analyst, Senior Resume
- Provide information to system owners of flaws identified within that group’s responsible systems
- Ensure that IBM Cloud is in compliance with all applicable Federal, IBM Internal and industry standard directives and policies regarding securing and monitoring of information systems
- Assessment of Critical vulnerabilities
- Perform a deep technical analysis of vulnerabilities and associated exploits
- Evaluate, rate and perform risk assessments
- Knowledge with exploitation mitigation techniques ( DEP, ASLR , stack cookies)
List of Typical Skills For a Vulnerability Analyst Resume
Skills For RTB Vulnerability Analyst Resume
- Manage the vulnerability database making sure it is up to date and prioritizing vulnerabilities in a risk based manner
- Experience with securing system configurations per DoD STIGs using STIG Viewer, SCAP Compliance Checker, and Open SCAP
- Experience with securing system configurations per DoD STIG using STIG viewer, SCAP Compliance Checker, and Open SCAP
- ) Experience building custom scans and custom reports, documenting repeatable processes for TVM
- Demonstrated understanding of the Secure Development Lifecycle (security requirements, threat modeling, attack surface analysis)
- Experience in working with a wide range of stakeholders in the context of improving security
Skills For Threat Intelligence & Vulnerability Analyst Resume
- Experience managing and tracking vulnerability cases
- Enterprise-level experience managing the remediation of vulnerabilities in two or more of the following areas
- Good understanding of Windows and Linux OS and patching
- ) Experience deploying / configuring of a TVM tool: Client uses Nexpose, but open to Nessus or Qualys as well
- Assesses the risk from not only a tactical perspective but also a strategic/global scale and apply these findings to aid in prioritizing remediation efforts
- Counterintelligence experience in one or more of the following areas
- Experience with Linux and/or Windows based port scanning tools
- Demonstrate thorough understanding of security concepts
Skills For Threat & Vulnerability Analyst Resume
- Demonstrate thorough knowledge designing vulnerability mitigations
- Demonstrate knowledge of industry best practices for vulnerability and baseline compliance scanning
- Experience of working within a large enterprise vulnerability management program
- Experience with software testing and assessment or software security assurance (SSA)
- ) Experience with Nexpose, Tenable, Nessus or Qualys for scanning
- ) Experience documenting repeatable processes for TVM
- Demonstrate knowledge of operating systems security (Windows, Unix, Linux)
- Experience managing RSA/VRM tool
- Experience in vulnerability management, penetration testing or software development
Skills For Cybersecurity Vulnerability Analyst Resume
- Experience with Microsoft and Unix-based operating systems
- Experience supporting network security investigations
- Strong familiarity with common vulnerability & exploit tracking/collaboration circles
- Experience with Tenable Nessus
- Experience with system administration (Linux and Windows)
Skills For Lead Patch & Vulnerability Analyst Resume
- Demonstrate thorough knowledge network, OS, and application vulnerabilities
- Prioritize vulnerabilities by their risk to the organization
- Demonstrate basic knowledge of the Cybersecurity field
- Experience in Information Security or Vulnerability Management processes
- Experience with Qualys or Nessus would be beneficial
- Demonstrated analytic expertise – to include ability to think critically and logically in a dynamic, high-pressure, fast-paced environment
- Strong knowledge of Azure Active Directory
- Strong knowledge of Federation Services such as PING Federate or ADFS
Skills For Senior Patch & Vulnerability Analyst Resume
- Practical experience with Splunk on a large enterprise level
- Strong commitment to customers
- Experience in either vulnerability management or related information security field
- Experience with GRC tools such as Archer
- Salary: £30,000 to £59,000 dependent on experience
- Salary: £35,000 to £50,000 dependent on experience
- Experience with VMware Virtual Center desired
- Compiling, disseminating and tracking security vulnerabilities with internal remediation teams
- Supporting Cyber Security Operations team during major security incidents and providing subject matter expertise
Skills For Citi Infrastructure Vulnerability Analyst Resume
- Understanding and developing enterprise policy (technical standards) with regard to enterprise vulnerability management and secure configuration
- Tracking and reporting on discovered vulnerabilities and remediation efforts
- Sourcing and tracking of public and pre-embargoed vulnerability disclosure sources
- Assisting Program Managers with reporting and continuous motion on remediation efforts
- Working with engineering teams for solutions,
- Understanding of basic cloud concepts
- Understanding of secure network/systems configuration management
- Assessing the current threats (with a vulnerability emphasis) to understand the risk they could pose to Aviva’s estate
- Researching threats and vulnerabilities and where appropriate, take action to mitigate threats and remediate vulnerabilities
Skills For All Source Threat & Vulnerability Analyst Resume
- Reviewing application, system, and network security vulnerabilities
- Understanding the concepts of exploitations
- Monitoring client sites for vulnerability announcements,
- Notifying other teams of vulnerabilities,
- Working with various operations teams to implement solutions, and
- Working knowledge of SCCM is required
- Assisting Cyber Security project team to deliver incremental improvements across ASR
Skills For Vulnerability Analyst Internship Resume
- Operation of solutions throughout the lifecycle of vulnerability management including asset management, scanning/testing, analysis, reporting, and ticketing
- Executes and leads mobile black box testing, source code analysis, manual pentesting, vulnerability assessment and training
- Knowledge of various testing techniques including static & dynamic analysis, fuzzing
- Capable of identifying/driving solutions and providing guidance in an autonomous manner
- Participate collecting, assessing, and cataloging threat indicators
- Leverage scripting and/or programming languages to automate various job tasks
Skills For Vulnerability Analyst, Senior Resume
- Thorough understanding of fundamental security and network concepts (operating systems, IPS/IDS, TCP/IP, ports, etc.)
- Obtained certifications in one or more of the following: GIAC, CEH, CISSP, CISA, Vulnerability scanning tools such as Qualys/Nessus
- Comprehensive knowledge of Linux, Mac, and Windows operating systems, and networking protocols
- Job Type: Strategy - Planning
- Deliver tangible results in decreasing the number of vulnerabilities in the Liberty Global Infrastructure
- Reports out on vulnerability and penetration testing and works with business units to develop remediation plans
- Keeps up with the changing nature of security threats
- Design asset onboarding procedures to make sure all assets are accounted for
- Possess understanding of Cyber Security / Information Security Frameworks
List of Typical Responsibilities For a Vulnerability Analyst Resume
Responsibilities For RTB Vulnerability Analyst Resume
- More than 3 years’ experience in Vulnerability analysis
- Experience with the common tools associated with penetration testing (Metasploit, Burp Suite, Kali etc.)
- Take personal responsibility for the priority of remedial actions and manage to conclusion
- Work with your partners within the IT department to priorities and remediate vulnerabilities
- Operation of various scanning tools in use
- Analysis and reporting of all applicable publicly disclosed zero-day vulnerabilities
Responsibilities For Threat Intelligence & Vulnerability Analyst Resume
- Prioritize and assign vulnerability findings to remediation owners. Coordinate meetings to drive the remediation process and produce vulnerability statistic reports for management
- Support the WestRock culture of Integrity, Respect, Accountability and Excellence. Demonstrate a focus on problem-solving, continuous improvement and teamwork across internal and external borders
- Theoretical understanding of programming languages (C/C++, Java, Python, PHP, or similar)
- Works closely with the Risk Management, ISOC and Intel teams
- Interacts with business units to discover, triage and resolve security vulnerabilities with manual and automated tools to enforce security criteria as part of a Secure Development Life Cycle on a continuous basis
- Counterintelligence experience, to include
- Researches and investigates new and emerging vulnerabilities and participate in external security communities
- Intelligence or Counterintelligence support to Research Development & Acquisitions (RDA)
Responsibilities For Threat & Vulnerability Analyst Resume
- Supply Chain Risk Management (SCRM)
- Familiarity with DoD Acquisition and Intelligence policy
- Problem solve across numerous Application, LAN, and WAN technologies
- CEH, CISSP, CISM, or other Cyber-related Certifications
- In an Information Security role
- Manually assess vulnerabilities and verify false positives
- DoD 8570 IAT II- CISSP or Security+ certification
Responsibilities For Cybersecurity Vulnerability Analyst Resume
- MS Office, Access, Excel, VISIO
- Knowledge of common IT technologies (OS, databases, network devices, applications)
- Stays current with cyber-threat and vulnerability research
- Work independently and collaborate closely with security and systems engineers
- A team player with an ability to work collaboratively with others
- Work in dynamic and matrix organization environment
- Demonstrated knowledge of vulnerability management and security patching is required along with experience working with tools such as Nexpose, Nessus, OpenVas, Nmap, Acunetix Web Vulnerability Scanner, PowerShell, Python and W3af is required
Responsibilities For Lead Patch & Vulnerability Analyst Resume
- Work independently and execute multiple tasks in a fast pace environment
- Experience with auditing and reporting on network, system, and application security, scanning and detecting system vulnerabilities, performing risk analysis and risk assessment, and mitigating risks to systems security
- Knowledge of DIACAP for GENSER systems, National Institute of Standards and Technology (NIST) SP 800-53 for unclassified systems, and DoDI 8500.01-DIACAP or RMF
- Produce briefings and reports for senior-level audiences
- Track down vulnerability owners
- Experience managing systems in both private and cloud hosted services (IaaS, SaaS, PaaS), and an array of operating systems to include Wintel, Midrange, Linux, Mainframe platforms
- Professional qualifications in computer technology
- Able to plan, organise and document complex system activities and to configure systems to be consistent with policies and procedures
- Data collection and analytics, interpretation, and presentation
Responsibilities For Senior Patch & Vulnerability Analyst Resume
- Able to communicate complex technical information clearly, both verbally and in writing, and establish and maintain collaboration, understanding, trust and credibility
- Experience managing systems in both private and cloud hosted environments (IaaS, SaaS, PaaS), and an array of operating systems to include Wintel, Linux, Midrange and Mainframe platforms
- Understanding of Information and Cybersecurity standards and frameworks, eg: ISO 27001, PCI DSS, NIST, CIS, OWASP, COBIT
- Able to define use cases and requirements to implement and improve the maturity of people, process and technology around vulnerability management
- In-depth understand of web application vulnerabilities
- Make sure that vulnerability reports are regularly shared with the asset owners
- Maintain a set of metrics across the estate and provide reports to senior management about the exposure in terms of unmitigated vulnerabilities and the risk they pose
Responsibilities For Citi Infrastructure Vulnerability Analyst Resume
- Actively discover assets to be assessed through the use of technology and people engagement
- Testing of the overall security of critical infrastructure components and applicationsto ensure they comply with internal policies, security architecture best practices, and industry standards
- Scanningand discoveringrouge hosts, networks, and devices
- Scanningand discoveringvulnerable systems and applications
- Reportinginformation security vulnerabilities to businesses
- Assessment and analysis data collected from scan tools
- Identification of overdue system remediation efforts
- Coordination with system owners to identify and remediate scan problems
Responsibilities For All Source Threat & Vulnerability Analyst Resume
- Coordination with system owners to provide requested details about scan findings, scan methodologies and remediation recommendations
- This individual tracks and reports on remediation efforts from start to finish
- Maintain the vulnerability management solution ensuring that all assets in scope are scanned for vulnerabilities, on a scheduled basis and that the findings are brought to the attention of the asset owners
- Performs event correlation using information gathered from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Analyzes identified malicious activity and determines appropriate course of action in response to identified and analyzed anomalous network activity
- Analyzes existing processes, standards, policies and/or equipment and makes process improvement recommendations to managers ensuring compliance with laws, standards and policies while managing business risks
- Develops positive relationships with other business and IT functions involved in security and privacy matters
Responsibilities For Vulnerability Analyst Internship Resume
- Provides Information Security guidance to IT project teams and awareness throughout the organization
- Performs root cause analysis, and makes recommendations on changes for review by others
- Makes recommendations to enhance performance and improve security and privacy protection measures
- Maintains knowledge of applicable policies, regulations, and compliance documents
- Position requires experienced Cybersecurity Analyst who is responsible for interfacing with engineering and operations teams to monitor and track vulnerabilities and remediation efforts across a large-scale enterprise network in a DoD environment
- This individual tracks and reports on remediation efforts from start to finish. The position is located on site at Norfolk, VA working in a semi-autonomous environment to analyze vulnerabilities and monitor remediation and mitigation efforts
Responsibilities For Vulnerability Analyst, Senior Resume
- Additional requirements are the ability to analyze and report on ACAS findings, an understanding of the Security Technical Implementation Guides (STIGs), and a thorough understanding of Information Assurance Vulnerability Alerts (IAVAs) and Common Vulnerability and Exposures (CVE)
- Drive vulnerability remediation through analysis of daily, weekly and monthly vulnerability scan data; prioritize remediation efforts
- Identify vulnerable systems owners and application owners by researching internal tools, asset inventories and through staff interviews, update asset inventories where appropriate
- Coordinate remediation efforts by negotiating patching and maintenance windows with business owners and support teams
- Develop, maintain and update remediation run books and reference guides