Vulnerability Analyst
Location
Portugal
Posted
4 days ago
Salary
€45K - €55K / year
Seniority
Mid Level
Job Description
Vulnerability Analyst
Intermedia Cloud Communications
• Manage and maintain vulnerability scanning operations using commercial and open-source security tools across enterprise infrastructure, cloud environments, operating systems, applications, and externally exposed services • Monitor threat intelligence feeds, vendor advisories, security research, and emerging vulnerabilities to identify risks impacting Intermedia systems and escalate critical threats appropriately • Work directly with infrastructure, operations, engineering, and application teams to develop practical remediation and mitigation plans for identified vulnerabilities • Track remediation progress against defined SLAs, follow up on overdue items, and communicate risk and remediation status to leadership through metrics and reporting • Maintain and support vulnerability management platform, scanner infrastructure, cloud integrations, asset inventory integrations, and related automation workflows • Maintain vulnerability management procedures, standards, documentation, and operational processes to ensure accuracy, consistency, and alignment with security best practices • Collaborate with Security Operations and Incident Response teams during security investigations, threat analysis, incident response activities, and remediation efforts • Assist with identifying unmanaged, unsupported, or non-compliant systems through asset inventory analysis and vulnerability assessment activities • Support audit, compliance, and governance activities by maintaining accurate remediation records, exception tracking, and supporting documentation
Job Requirements
- Bachelor’s Degree or equivalent combination of education and experience
- Minimum 2 years of relevant experience
- Experience with Vulnerability Management and related processes and procedures
- Experience utilizing Qualys for the following: Scans servers, desktops, cloud workloads, and network devices to identify security vulnerabilities
- Fundamental Information Security knowledge and general understanding of systems and networking fundamentals
- Experience with Microsoft technologies and Linux operating systems
- Understanding of OWASP Top 10 and familiarity with vulnerability management concepts such as CVE, CVSS, and emerging threat intelligence
- Excellent written and verbal communication skills with the ability to work effectively across teams
- Demonstrates resourcefulness, teamwork, strong ownership, and the ability to manage priorities with urgency
- Knowledge of cloud platforms and related technologies; Python and PowerShell experience is a plus, but not required
Benefits
- We hire, promote, and compensate employees based on their ability to perform their job responsibilities, without regard to race, color, creed, religion, sex, gender, marital status, national origin, ancestry, age, citizenship, physical or mental disability, sexual orientation, or any other basis protected by applicable law (collectively referred to in our Code of Conduct as “Protected Classes”).
- We do not tolerate employment discrimination in the workplace, and we are committed to making reasonable accommodations for identified disabilities or other limitations as required by all applicable laws.
- We are an equal opportunity employer and value diversity at our company.
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Security Awareness Analyst
Monzo BankWe're a bank that lives on your phone, on a mission to make money work for everyone.
• Create engaging security awareness content across channels including Slack, email, presentations, training, and events. • Develop micro-learning, behavioural nudges, and awareness campaigns that encourage secure habits across Monzo. • Manage the day-to-day delivery of the security awareness programme, including campaigns, content, documentation, and reporting. • Translate complex security topics into clear, practical guidance that helps Monzonauts make confident decisions. • Use behavioural insights, metrics, and user feedback to continuously improve security awareness and influence the roadmap. • Partner with Security, People, Tech, Risk, and Customer Operations to improve security behaviours, reduce user friction, and communicate emerging threats.
Disaster Recovery Analyst
Mastech DigitalMastech Digital delivers IT staffing services and digital transformation services for companies across the United States and beyond. The specialist staffing com
Title: Disaster Recovery Analyst Location: Dallas, TX Job Code: 301436 Job Description: Mastech Digital provides digital and mainstream technology staff as well as Digital Transformation Services for all American Corporations. We are currently seeking a Disaster Recovery Analyst for our client in the Software domain. We value our professionals, providing comprehensive benefits and the opportunity for growth. This is a Contract position, and the client is looking for someone to start immediately. Duration: 12 Months Contract with possible extension Location: Dallas, TX (Remote) Salary: $60.00-$70.00/Hourly Role: Disaster Recovery Analyst Primary Skills: “DISASTER RECOVERY”, Ransomware, Air Vault, DRP, Disaster Recovery policies Role Description: The Disaster Recovery Analyst must have 4+ years of experience. Required Qualifications: - 4+ years of similar or related experience in such fields as Disaster Recovery, Business Continuity and Enterprise Operational Resilience. - Working knowledge of Disaster Recovery professional practices, including Business Impact Analysis, disaster recovery plan (DRP), redundancy and failover mechanisms DR related regulatory requirement, and Business Continuity Plan exercises and audits. - Ability to motivate, influence, and train others. Education: Any Experience: Minimum 4+ years of experience Relocation: This position will not cover relocation expenses Travel: No Local Preferred: Yes Note: Must be able to work on a W2 basis (No C2C) Benefits: We have various coverages and additional benefits to choose from: - Medical, Dental (Including Ortho) & Vision Insurance (Option to Enroll). - Paid Leaves (Wherever applicable). - Life & Disability Coverage (Upon eligibility). - 401K Option, Education Assistance Program and more.
Cyber Security Analyst - Vulnerability Management - Associate
Sumitomo Mitsui Banking - SMBCSumitomo Mitsui Banking - SMBC serves a global base of customers with diversified financial services. The banking corporation was formed in 2001 through the mer
Cyber Security Analyst - Vulnerability Management - Associate Job Level: Associate Location: Charlotte, NC, US, 28202 Employment Type: Full Time Requisition ID: 6317 Hybrid Job Description: SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges. In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd. Role Description As a Vulnerability Management Analyst, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of dedicated professionals and leverage this passion to ensure our vulnerability remediation activities are effective and efficient and that we keep pace with a rapidly changing threat landscape. You will help protect the Bank's networks, applications, and infrastructure by working with IT owners to identify and mitigate risks that may be targeted by threat groups. The Vulnerability Management team is responsible for working with relevant stakeholders to identify, analyze, mitigate, and report on vulnerabilities. The goal is to take a proactive and risk-based approach to identifying and addressing gaps within SMBC to protect the Bank's network and data from a cyber-attack and in turn, protect its reputation and the trust of customers. In this role, you will be responsible for configuring scans, researching the latest threats, analyzing large datasets, conducting risk assessments, coordinating remediation of identified risks, and reporting on compliance levels and opportunities for improvement across the enterprise. Due to the rapidly growing technological footprint and threat landscape, this role requires a quick learner that is proactive, analytical, diligent, and organized. The role will require interaction with various teams to effectively communicate and address risk and promote the use of secure technologies in line with security standards. The role offers the opportunity for a security professional to work in a challenging and complex enterprise environment, using leading edge tools and technologies. Role Objectives - Triage vulnerability alerts from security tools, external intelligence providers, penetration tests, and user-reported findings to assess impact to organization - Configure network, infrastructure, and/or application vulnerability scans and policy checks and conduct manual testing as needed to validate findings - Liaise with various business units to conduct vulnerability assessments, consult on risk reduction strategies, and supervise remediation such that vulnerabilities are addressed within required timelines - Conduct attack surface risk modeling and articulate high-risk areas to stakeholders in collaboration with Threat Intelligence and Threat Hunting functions - Assist in production of periodic vulnerability management reports and statistics for management - Tune vulnerability management tools to increase coverage, reduce false positives and false negatives, and improve processes - Liaise with Optimization team to set up detections and mitigations i.e., Intrusion Prevention Systems, ensuring we have signatures in place to protect us from relevant threats - Support culture of continuous improvement by proactively investigating new risks and opportunities to strengthen Bank's security posture Qualifications and Skills - 2+ years of cybersecurity, IT, or related experience - Bachelor of Information Technology, Computer Science, or similar preferable - Strong understanding of MITRE ATT&CK framework, common vulnerabilities, and exploits - Strong analytical and problem-solving abilities - Understanding of networking concepts and common operating systems - Ability to analyze large datasets, multi-task, and effectively prioritize tasks - Strong interpersonal and communication skills (written and verbal) - Ability to multi-task and remain productive in a dynamic, service-driven and results oriented environment - Ability to script tasks and automate processes is a plus - Working knowledge of cloud technologies and containerized environments is a plus Additional Requirements SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required. Nearest Major Market: Charlotte
• Dedicated to the operation of monitoring and managed response (MSS/MDR) • Monitor, triage, and investigate alerts and incidents in OT/ICS environments • Conduct root cause analyses for events involving PLCs, HMIs, and RTUs • Correlate OT events with IT telemetry • Support the Detection Engineering team in building and refining use cases • Maintain and evolve clients' OT asset inventories • Participate in OT vulnerability management cycles • Serve as the technical point of contact in meetings with industrial clients • Produce technical and executive reports on investigations conducted



