Title: Exposure Management Analyst

Anticipated Duration: 6+ months Contract

Our client is seeking a passionate and experienced Exposure Management Analyst to join our Cybersecurity organization. This is a technical, hands-on role that requires the ability to assess exposures, analyze risks, and advise strategies to mitigate exposure. This role will support day-to-day continuous threat and exposure management operations focused on identifying and escalating exposed risks. Work outputs will support implementation of security technologies and controls to improve defensive posture, implementation of processes in support of investigations, and development of detection capabilities.

Qualifications:

• Bachelor’s degree in computer science, technology, engineering or security-related field or equivalent experience
• Minimum 5 years IT or security experience
• Previous experience supporting vulnerability or patch management programs
• Experience working with vulnerability scanning tools
• Understanding of OWASP common vulnerabilities and testing methodologies
• Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)
• Understanding and familiarity with different operating systems (e.g., Windows and LINUX/UNIX systems)
• Knowledge of IT security / hardening best practices; including but not limited to operating systems, web applications, and network devices.
• Experience building interactive dashboards and reports in PowerBI to visualize security metrics and exposure management data, including remediation progress, risk exposure, etc.
• Proficient in Microsoft Excel, including advanced functions such as PivotTables, VLOOKUP, and data analysis tools to organize, summarize, and interpret complex datasets.
• Experience using Splunk to run search queries, perform log analysis, and build dashboards to monitor potential exposures
• Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
• Experience driving discussions and consensus across a broad group of stakeholders and cross functional teams regarding patching, security recommendations, and mitigations strategies
• Solid verbal and written communication skills required
• Strong interpersonal skills and experience interacting with technical and non-technical stakeholders
• Ability to work independently and with a team

Job Responsibilities:

• Support day-to-day operations of the exposure management program, including reviewing data, processing reports, escalating findings to key stakeholders, tracking remediation of identified risks and mitigation strategies, assessing mitigation plan dependences, and analyzing trends
• Support execution of emergency vulnerability workflows and procedures
• Maintain awareness of publicly disclosed vulnerabilities (CVEs) and potential vulnerabilities (rumors, blogs, partial public analysis).
• Map vulnerability assessment results to asset inventory and key stakeholders
• Calculate prioritization based on assessment of risk
• Identify and recommend appropriate compensating controls to manage and remediate vulnerability risk with the focus on reducing potential impacts
• Support development of vulnerability metrics and remediation-related dashboards and reports
• Understand enterprise policies and advise policies and technical standards with specific regard to vulnerability management, scanning procedures and secure configuration
• Coordinate with key business partners to understand, prioritize, and coordinate vulnerability remediation activities
• Collaborate with peers from across the organization and maintain excellent working relationships with key partners across Technology Organization functions and business partners
• Understand business requirements and work with business partners to define appropriate solutions, meeting both security mandates and business needs
• Demonstrate values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment

Job Requirements:

• Ability to understand business requirements and present appropriate solutions
• Ability to work independently or within a team
• Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
• Solid verbal and written communication skills
• Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
• One or more relevant industry certifications (i.e., GSEC, CISSP, CISA)

The compensation range for this position is $40/hr. to $65/hr. (dependent on factors including but not limited to client requirements, experience, statutory considerations, and location). Benefits available to full-time employees: medical, dental, vision, disability, life insurance, 401k and commuter benefits.

Synergis is proud to be an Equal Opportunity Employer. We value diversity and do not discriminate on the basis of race, color, ethnicity, national origin, religion, age, gender, gender identity, political affiliation, sexual orientation, marital status, disability, military/veteran status, or any other status protected by applicable law.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with the requirements of applicable state and local laws, including but not limited to, the San Francisco Fair Chance Ordinance, the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

For immediate consideration, please forward your resume to Jessica Rives at [email protected]

If you require assistance or an accommodation in the application or employment process, please contact us at [email protected].

Synergis is a workforce solutions partner serving thousands of businesses and job seekers nationwide. Our digital world has accelerated the need for businesses to build IT ecosystems that enable growth and innovation along with enhancing the Total Experience (TX). Synergis partners with our clients at the intersection of talent and transformation to scale their balanced teams of tech, digital and creative professionals. Learn more about Synergis at www.synergishr.com.