The CTU Vulnerability Analysis team is dedicated to reporting recent Threat Intelligence activity that
may present a potential risk to the enterprise. As a CTU Vulnerability Analyst you will be involved in
discovering, researching, and assessing the significance of emerging security vulnerabilities and
threats; collaborating with other security professionals to ensure our deliverables are maintained to
the highest standards; and performing work related to the continual improvement of our processes,
procedures, and proprietary applications. Your expertise will be used to notify, educate, and support
our clients as well as internal stakeholders with accurate, concise, detail-oriented, and actionable
information on the emerging threats that may impact their environment.
Responsibilities
Maintain and execute all vulnerability reporting processes to drive customer protections:
Monitor, aggregate, and triage information from vulnerability sources for input into threat databases
Analyze vulnerability information and provide a comprehensive report for publication to the company Customer Portal
Participate in peer review of day-to-day quality of work for other Vulnerability Analysts
Provide support to internal teams and clients
Participate in knowledge sharing with other analysts and develop customer solutions efficiently
Requirements
2+ years of professional experience in systems administration, systems engineering,
software development, and/or TCP/IP network administration
2+ years of experience with a variety of security-related processes, including secure coding practices, patch management, vulnerability analysis, or IDS/IPS
Knowledge of vulnerability classes and industry-standard classification schemes (CVE, CVSSv2, CVSSv3, CWE, CPE)
Ability to analyze a software vulnerability in order to appropriately characterize threat, provide remediation advice, and assign a meaningful severity score/priority
Theoretical understanding of programming concepts (e.g., data structures, algorithms, OOP)
Highly proficient in written English
Investigative and analytical problem solving skills
Team player with the ability to work autonomously in a fast-paced, dynamic environment
Effective time management and organizational skills
Inherent passion for cyber security and service excellence
Demonstrate exceptional attention to detail
Preferences
CISSP, GCIA, OSCP, SSCP, or similar certification
Practical experience in scripting (Python, Go, or similar)
Experience with SQL and NoSQL database query languages
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
