Menu

Vulnerability Management Analyst

at Berkley in Wilmington, Delaware, United States

Job Description

Berkley Technology Services (BTS) is a dynamic company committed to providing world class IT services. We offer a unique culture, enabling our team members to be on the cutting edge of technology while delivering high quality solutions. We are looking for outstanding individuals who will bring unique perspectives, insight and innovation to our teams. BTS, a member company of W. R. Berkley Corporation, has facilities located in Des Moines, Iowa and Wilmington, Delaware. Our functions include working with various third parties to develop, integrate, and support insurance systems of WRBC’s operating units. BTS strives to provide these functions in a holistic manner including helpdesk support, system connectivity, and operational support. Additional responsibilities include coordinating communications regarding best practices in the use of our supported systems and researching new technology. At BTS, there are opportunities associated with being a part of an established and empowering corporation while maintaining a positive personal working environment. Additionally, we provide a competitive compensation and benefits package including a casual dress code. BTS is constantly growing and expanding to meet the changing demands of one of the most successful insurance organizations in the world. Visit us at berkley-bts.com to learn more information.

The Vulnerability Management Analyst works within Berkley’s Information Security team, interacting directly with stakeholders to address issues related to remediation of vulnerability scanning and assessment. The Vulnerability Management Analyst’s support activities are focused on helping key stakeholders understand their vulnerability results, providing guidance on the remediation of failing threats, and evaluating false positives.

Maintain and improve upon, as necessary, the existing vulnerability management program, including maintenance of documents, procedures, reporting, and stakeholder communications. Provide guidance to stakeholders in support of vulnerability management services, which includes, but is not limited to, sharing goals and road maps of vulnerability management. Analysis and validation of scan/assessment results communicated to clients through reporting and results-review meetings. Provide stakeholders with remediation recommendations and guidance, up to and including remediation tracking and reporting. Provide stakeholders reports that provide the most value based on security maturity and established vulnerability management goals. This requires the ability to be adaptive in report parameters and formats depending on stakeholder needs and target audience. Ability to use analyze large amounts of data using Microsoft and other business tools to report on enterprise level vulnerability data.

Key Accountabilities

+ Execute vulnerability scans

+ Assist Stakeholders with the interpretation of their vulnerability scan results

+ Involvement in penetration testing and red-team exercises if applicable

+ Analyze penetration testing results

+ Work with metrics to help analyze and prioritize vulnerabilities for remediation

+ Track remediation work consistently in order to evidence improvements to program and closure of vulnerabilities

+ Work on process and procedure to create repeatable and consistent processes and documentation around management of vulnerabilities

+ Assist in operational projects and tasks

+ Participate in the ongoing improvement of the scanning and vulnerability remediation processes

+ Providing remediation support on any potential findings

+ Travel expected – minimal

Minimum Qualifications (Education/Experience/Certification/Skills):

+ 6-8 years of analyst experience with at 3-4 focused on vulnerability management

+ Experience in common application Security and Penetration Testing techniques is a strong plus

+ Insurance and/or financial experience is desired, preferably within the commercial property and casualty lines

+ Considers the business implications of the application of technology to the current business environment.

+ Solid working knowledge of standard features and functions of multiple applications/modules to field, analyze and resolve customer issues/problems.

+ Identifies problems, researches alternatives, prepares presentations, drives solutions, tests to confirm, gains consensus, and implements solutions for multiple applications within multiple functions

+ Excellent understanding and working knowledge of one or more of the common vulnerability scanning tools (Tenable, Rapid7 or Qualys)

+ Ability to work with regulatory, legal and security best practices including General Data Privacy Regulation (GDPR), NYS DFS 23 NYCRR Part 500, Sarbanes-Oxley (SOX), ISO 27001/27002

+ In-depth knowledge and experience with triage and investigation of vulnerability data

+ Some knowledge of Unix, LINUX and Windows operating environments, Oracle database and SQL Server

+ Proven stakeholder management at technical and executive levels is a must

+ Proven ability to be ability to execute and deliver in a complex environment with grace

+ Knowledge of program and project management experience a strong benefit

+ Proven ability to prioritize work load, work effectively on concurrent tasks, and be able to meet project deadlines

+ Strong written and oral communication skills in order to define business and technical parameters and lead team to meet business requirements.

+ Bachelor’s degree in computer science or related field

+ Industry certification preferred such as CISSP, CCSE, VCP, CCDA, CCNA, Server+ or certifications from Red Hat or Microsoft desirable

Soft skills:

+ Highly organized and detail oriented – able to function under pressure, trouble shoot, emplace structure where necessary and prioritize between competing activities

+ Approachable and outgoing with excellent verbal and written communication skills

+ Takes ownership and maintains accountability

+ Proven self-starter with energy, passion and drive

+ This role will suit a candidate with experience working for smaller organizations where they have been highly visible to the business and where initiative and pro-activity are key

+ Emotional intelligence and ability to get on with people and to get the best from them

+ Ability and willingness to learn quickly Hands-on mentality, very good analytical capabilities and aptitude, with diligent work attitude

The Company is an equal employment opportunity employer.

COVID-19 vaccine required unless prohibited by law.

Job ID: 2021-5468

Name: Berkley Technology Services LLC

Street: 101 Bellevue Parkway

Industry:

Financial ServicesInsurance

Seniority Level:

Mid-Senior Level

Job Functions:

Information TechnologyOther

Employment Type:

Full-Time

To view full details and how to apply, please login or create a Job Seeker account
How to Apply Copy Link

Job Posting: JC189456845

Posted On: Aug 07, 2021

Updated On: Dec 03, 2021