Job Description Summary

The Vulnerability Management Analyst will lead the scanning and identification of security vulnerabilities in GE networks, servers, endpoints, applications, and/or databases. Primary responsibilities will include configuration, maintenance, integration and reporting for vulnerability scanning operations and remediation activities.

Job Description

Roles and Responsibilities

In this role, you will:
• Schedule, monitor, and troubleshoot vulnerability scanning for internal customers
• Provide support and resolution for scanning and vulnerability remediation reporting issues
• Identify and resolve gaps related to Governance Risk Compliance integration and reporting
• Provide consultancy to customers and develop technical documentation, including functional specifications, system design specifications and standard operating procedures (SOPs) as necessary
• Provide technical support for vulnerability management projects
• Develop and mature operations in support of overall tool strategy

• Work with various risk teams to identify the top vulnerability risks to the company

• Produce remediation plans for vulnerabilities

• Coordinate cross functional teams to execute against remediation plans

• Provide reports, pitches, and status updates on all operational activities

• Works with GE businesses to define key risk indicators and key performance indicators

• Identify and manage asset scope for scanning operation

Education Qualification

Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with advanced experience, or equivalent experience.

Desired Characteristics

• Significant enterprise vulnerability management experience to include patch management and remediation activities in a large company

• Experience with Dynamic Application Security Testing (DAST)
• Previous Secure Development Lifecycle or Application Assessment experience
• Hands-on experience with scanning tools
• Familiarity with ServiceNow CMDB and Archer GRC tools
• Security related certifications (i.e. CISSP, CEH, CISM, CISA, CSSLP, CCNP)
• Experience with scripting languages (Python, Ruby, Perl) and BI tools (Tableau, SiSense)
• Good analytical skills, attention to detail and ability to methodically troubleshoot complex issues
• Good analytical and negotiation skills
• Good communication and presentations skills

Note

This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.

Additional Information

Relocation Assistance Provided: No