4 Vulnerability Analysis Jobs

Job description Job Title: Senior Staff Security Researcher About Role : Develop cutting-edge IPS signatures that shield against emerging threats and Review signatures for other junior team members. Have sense of urgency for critical vulnerabilities and release it to customers. Analyze and reverse engineer cyber-attacks and new vulnerabilities (CVEs) and effectively implement preventive measures to stay ahead of evolving threats. Align with Engineering stakeholders and identify Research topics for IPS roadmap, build POCs for them and mentor junior team members for various research topics. Identify areas of process improvement, prioritize them with senior leaders, look at new Attack Frameworks, like Empire, MSF. Drive Competitive Analysis strategy along with senior leaders to stay ahead of the competition. Publish technical blogs to spread awareness and help defenders with the necessary resources to protect their organizations. Research various MITRE attack TTPs, replicate them in lab, build signatures and be represent IPS research team in MITRE evaluation process. Vulnerability RCA, reverse engineering and POC verification and signature development for MAPP program Capable of working with no supervision, represent IPS research team in various forums and come-up with new Research ideas. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement

About Barry Wehmiller: - Barry Wehmiller Companies is a global supplier of manufacturing technology and services based in St. Louis Missouri. Although it was founded in 1885 as a maker of machinery for the brewing industry, since 1987 Barry-Wehmiller has acquired more than 80 companies that provide equipment and services for a variety of industries: packaging, paper converting, sheeting, corrugating, engineering, and IT consulting. In 2016 it was ranked no. 10 on the St. Louis Business Journal's list of the city's Top 150 Privately Held Companies. We believe our culture differentiates us from other firms. In India, Barry-Wehmiller operates as a hub of innovation and collaboration, housing our Global Competency Center (GCC) and other strategic functions. The GCC, based in Chennai, is an Engineering Center of Excellence that supports all Barry-Wehmiller divisions globally. The center focuses on areas such as design and development in mechanical, electrical, and controls engineering, software development, and additive manufacturing. We believe in: Ownership Youll drive features end-to-end, from design to deployment. Flexibility A friendly, results-oriented culture that respects your time. Empowerment Your insights are valued, and your work makes a visible difference. Learning & Growth Youll work on complex challenges with smart, passionate peersand have the support to level up continually. If youre ready to bring your best thinking to the table and grow in a high-impact, future-focused environment, wed love to hear from you. Job Description: The Enterprise IT Service Desk Workstation Vulnerability Analysts role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Travel: Travel could be up to 15% (in the country) as needed for remote support. What is it for you? This role is more than just a job. It’s an opportunity to be part of a global team that values people excellence, innovative solutions, and operational excellence. Barry-Wehmiller provides a unique environment where you can grow your skills, work on impactful projects, and collaborate with some of the brightest minds in the industry. In addition, we are deeply committed to your personal and professional growth, fostering a culture that helps you achieve your full potential. You can also apply to this job using the below Workday link https://bit.ly/4kPFsa7 (if the link doesn't work, simply copy paste the link in your browser) To understand more about our people-first philosophy, you may like to watch this short video by our CEO, Mr. Bob Chapman, on Truly Human Leadership : Watch the video https://bit.ly/4kSLZkE (if the link doesn't work, simply copy paste the link in your browser)

Description of Role: The Security Consultant should have a strong understanding of the emerging security practices and standards. Should be able to consult, engineer and apply security best practices while designing and proposing solutions to our enterprise customers. Should be able to conduct system security, vulnerability analysis and risk assessment, identify security gaps, identify integration issues, study architecture/platform and design security architecture. A Network Security Consultant undertakes complex work of a high-risk level, often working on several projects. In this role, you will: Interact with senior stakeholders across departments Reach and influence a wide range of people across larger teams and communities Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions Develop vision, principles, and strategy for security architects for one project or technology Work out subtle security needs Understand the impact of decisions, balancing requirements and deciding between approaches Produce patterns and support quality assurance Be the point of escalation for architects in lower-grade roles Lead the technical design of systems and services Qualifications/Experience: Bachelors degree in any stream. Minimum 5 years of working experience in Cyber Security Consulting or Advisory. *** Experience only in support and managed services without any consulting and/or advisory, Professional service experience in recent years will be ineligible. Successfully delivered at-least 2 (two) Cyber Security consulting and implementation projects as consultant/Architect/Professional services organization in recent years (2 years). Certification : Preferred Certification: Certified Information Systems Security Professional (CISSP) OEM certification on security products (e.g., Palo Alto, Fortinet, Checkpoint, Alogesec/Tufin etc.) Certified Information systems Auditor (CISA) ** Certification should be valid Responsibilities Below will be the scope of the role Network Penetration testing Network Security assessment. Security hardening on several network devices Network Security Orchestration Propose security products and tools to customer. Technical documentation. Product evaluation, POC. Implementation, Migration and Architect of Security Technology and Solution Architecture design and implementation for Zero trust Network Knowledge and Skills Candidate should have experience in the below domains Network Security Orchestration - Firewall Audit and Optimization, Network Segmentation, Firewall Policy Cleanup & Optimization (Algosec, Tufin, Skybox) Knowledge of script development for Network automation task (e.g. Python, Ansible, Chef) Web-proxy, WAF, DDoS (e.g., Palo Alto, Imperva, Cloud flare, Zascaler, McAfee, Broadcom etc.) Load Balancer, IPDS, API Gateway (F5, Fortinet, CISCO) Implementation experience of NAC products (Aruba Clear Pass) Well versed with WLAN security control implementation Familiar with XDR product evaluation and implementation (Falcon, TrendMicro, Carbon Black) Public & Private Cloud Network security assessment & recommendation. Well depth Architecture knowledge and implementation experience on Zero Trust Network Access, Secure Access Service Edge (e.g., Zscaler, Cato Networks, Aruba) Experienced with Breach & Attack Simulation product implementation (e.g., SafeBreach, AttackIQ, Mandiant) Good understanding on AWS, AZURE, GCP infrastructure and services Good understanding and hands on experience in micro segmentation. Good written & verbal communication and analyst

A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation and guidance service within the TAS Application Operations team. The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery. DISCOVER your opportunity What will your essential responsibilities include? Support the Application Operations (Security) team in all security related activities, forums and discussions Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys Assist in setting up Jenkins pipeline integration to CI/CD lifecycle Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures Manage the production of reporting and metrics to both internal and external stakeholders You will report to the Operations Lead (under Head of Application Operations) SHARE your talent Were looking for someone who has these abilities and skills: Required Skills and Abilities: Security First mindset Understanding of vulnerability analysis, scanning and remediation processes Understanding of CVEs, CVSS Understanding of security industry compliancy benchmarks and standards i.e. CIS Understanding of security best practices/standards i.e. OWASP, NIST Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc. Strong analytical, critical thinking and organizational skills, ability to multitask and work to deadlines Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting Excellent communication, interpersonal and relationship building skills (verbal and written)