Vulnerability Management Analyst (VM Data Analytics)

72528
Toronto, ON
Contract
14 days ago
Data Analysis

Vulnerability Management Data Analyst

The Vulnerability Management Data Analyst will support the our client in the public sector in the delivery of multiple cyber initiatives related to IT and OT (operational technology) domains.

Assignment Duties
•            Deliver Vulnerability Management related reporting and metrics including KPIs and KRIs.
•            Regularly conduct vulnerability, discovery, and policy scans on IT and OT systems
•            Configure and maintain asset tagging based on various parameters such as asset criticality, ownership, function, location etc.
•            Generate scheduled scan reports and present scan reports to City divisions and onboarded agencies and corporations.
•            Generate policy scan reports and perform compliance check against multiple industry standards and CIS benchmarking.
•            Send out patch advisories to stakeholders.
•            Ensure smooth onboarding       of various entities into the City’s Vulnerability Management (VM) IT and OT solutions and services.
•            Manage and perform VM IT&OT systems operational activities.
•            Setup customized dashboards to showcase vulnerabilities specific to the divisions, agencies, and corporations.
•            Utilize threat intelligence and contextual data to enhance vulnerability prioritization.
•            Work with cross-functional teams to recommend and implement risk mitigation strategies based on prioritization.
•            Coordinate with the vendor and the support team to resolve technical issues with the VM solution and services.
•            Support initiatives aimed at expanding vulnerability management coverage across IT infrastructure.

Experience and Qualifications

1.           Experience in identifying, assessing, and remediating vulnerabilities in complex and diverse Government jurisdictions and or large private sector organizations.
2.           Strong background in securing IT systems and an in-depth understanding of OT environments, such as SCADA systems, Industrial Control Systems (ICS), and other critical infrastructure technologies.
3.           Experience with OT-specific security standards like IEC 62443, NERC CIP, or similar
4.           Extensive hands-on experience (3 to 5 years) in using and configuring vulnerability management tools specifically Tenable IT and OT stack.
5.           Hands-on experience in integrating vulnerability management tools with Security Information and Event Management (SIEM) systems, EDR, IT Service Management (ITSM) tools, and Threat Intelligence Platforms
6.           One of the cyber security certifications such as CISSP, CEH, OSCP or similar is a must.
7.           Technology certification such as Tenable Vulnerability Management Specialist, Specific OT security certification or similar is a plus.
8.           Bachelor’s degree in computer science, Information Security, Engineering, or similar
9.           Strong understanding of networking protocols, operating systems (Windows, Linux, etc.), and cybersecurity principle
10.        Tenacious and willing to support the team during peak volumes and workloads with various activities.
11.        Determined to stay abreast of the latest exploitation techniques and trending vulnerabilities.
12.        Ability to lead efficient communication between all project stakeholders, including internal teams and clients.
13.        Demonstrated strong analytical and problem-solving abilities to assess and mitigate complex security risks.
14.        Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership, and vendors).
15.        Demonstrated superior project management skills and stakeholders’ management.
16.        Demonstrated critical thinking and strategic planning skills.

Deliverables
•            Detailed Assessment Reports
•            Report automation.
•            Trend analysis & Performance metrics
•            Compliance reporting
•            Vulnerability prioritization and remediation strategies
•            Post incident reports.
•            Patch advisories.
•            Risk analysis and communication.

 

The pay range that the employer reasonably expects to pay for this position is between CA$75.00 and CA$95.00

Our voluntary benefits offering includes medical, dental, vision and retirement benefits.

Applications will be accepted on an ongoing basis.

Tundra Technical Solutions would like to thank you for the interest you have demonstrated in this opportunity. However, only candidates with the required skills will be contacted.

Tundra Technical Solutions is an Equal Opportunity/Affirmative Action Employer. We welcome and encourage diversity in our workplace.

Not interested in this position, but know somebody who might be? Check out our Referral Reward Program, referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!

Tundra Technical Solutions is among North America’s leading providers of Information Technology and Engineering staffing and consulting services. Our success and our clients’ success are built on a foundation of service excellence. Rather than continually trying to sell to new clients and companies and simply filling databases with candidates, we focus on developing stronger relationships and deeper knowledge of our existing clients’ challenges and opportunities.

Open ears. Open minds. Open futures