Job Search Results for vulnerability management analyst

Insight Global is seeking a Business Systems Data Analyst for a top clients. This analyst will support the Security organization by extracting and evaluating large vulnerability datasets to identify... More potential risks across the network. The ideal candidate excels in Excel-based analysis, understands vulnerability management workflows, and can partner closely with technical teams to ensure issues are resolved quickly. This role is fast-paced, analytical, and highly impactful within the organization?s security posture.?Pulling large vulnerability datasets from client's security scanning tools?Analyzing reports to identify vulnerabilities, inconsistencies, and anomalies?Determining whether anomalies represent real security issues?Flagging findings and collaborating with affected teams to drive fast remediation?Documenting findings, tracking remediation status, and supporting reporting activitiesWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

The Information Security Analyst plays a critical, hands-on role in protecting the confidentiality, integrity, and availability of company data and systems. This position is primarily technical and... More operational, with a strong focus on SOC alert monitoring, incident response, and vulnerability management, rather than audit or policy-heavy work.This analyst will work closely with internal IT teams, an outsourced SOC/MSP partner, and global security stakeholders to investigate security alerts, remediate vulnerabilities, and proactively reduce risk across the environment. By the end of the first three months, this individual is expected to independently manage and respond to security alerts.Primary Responsibilities (Hands-On / Technical)? Monitor and respond to SOC alerts generated by endpoint security, SIEM, and related tools.? Investigate alerts to determine validity and impact, using technical judgment to assess risk.? Take appropriate remediation actions such as isolating endpoints, reimaging machines, or escalating incidents when necessary.? Analyze alerts to differentiate false positives from real security threats.? Handle an average of 1?2 alerts per day, with the ability to pivot quickly during high-volume events (e.g., phishing campaigns that may consume a majority of the day).Secondary Responsibilities (Vulnerability Management & Risk)? Manage enterprise vulnerability scanning and remediation efforts using tools such as Qualys.? Partner with server and system owners to track, prioritize, and resolve identified vulnerabilities.? Review newly disclosed vulnerabilities, assess organizational exposure, and communicate risk and urgency to stakeholders.? Determine whether the organization is impacted by vulnerabilities actively being exploited in the wild.? Tie vulnerability findings to penetration test results when applicable.This is a fully remote opportunity with a preference for the candidate to be in Texas! Will work CST timezoneWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

We are seeking a Senior Cybersecurity Analyst to support an enterprise security team with a strong focus on operational security, governance, and technical guidance. In this role, the analyst will... More implement and maintain security controls, tools, and documentation; monitor and respond to security events through an MDR provider and Microsoft?s security suite (Defender and Intune); and collaborate with IT to manage Windows system security, including patching, vulnerability assessments, and system hardening. The role supports the development and deployment of security technologies, risk management initiatives, and vendor security assessments, while contributing to incident response, KPI reporting, and an on-call rotation. This position is a more strategic role providing guidance, for example reviewing firewall rules and advising the EDR and NDR teams on how to proceed. The successful candidate will be able to balance day-to-day security operations with strategic input across Microsoft enterprise and cloud environments. This is a full time role based out of Calgary wit the requirement to be on site downtown 3 days per week.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

An employer in the Galleria area of Houston, Texas is seeking a Lead SOC Analyst to join their team. They currently have a global SOC team and are trying to mimic the structure they have in... More Australia. Right now, there are 2 Leads in Houston overseeing the international team (North and South America) and this person will take the 3rd Lead spot. Their hours will be Monday-Friday 8A-5:30 PM and must sit onsite 3 days a week (their choice of day). Right now, the team works 9/80s and will be off every other Friday. The general rule, is 60% working in office and 40% working from home. This can change depending on what is going on with the team. Most people are onsite 3 days a week. They do allow flexibility as well - this is to be discussed with the manager ahead of time. They will also be on an on-call rotation every 3 weeks and their shift is Thursday-Thursday. They do a follow the sun schedule and pass off to the team in Australia accordingly. This person will be responsible for helping lead a team of 5+ SOC analysts and needs to have experience managing and mentoring junior analysts. This person will be the first escalation point for all major incidents. They need to have extensive threat intelligence review and assessment experience, strong vulnerability management experience and great written and verbal communication as they will provide communication reviews. This position pays between $70-$80/hr depending on skillset and experience.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

The Cybersecurity Analyst will be responsible for safeguarding the organization?s information systems, infrastructure, and data through proactive monitoring, analysis, and in supporting the... More implementation of advanced security solutions. This position plays a vital role in maintaining a secure technology environment by leveraging tools such as Cisco XDR, Cisco Firepower, Cisco Endpoint, Cisco ASA, Fortinet Gateways, and Duo MFA.The ideal candidate will possess 3?5 years of hands-on experience in network and server hardening, threat detection and response, and disaster recovery planning and execution. Working closely with IT operations, this role ensures that all systems are resilient, compliant, and protected against evolving cyber threats.Key ResponsibilitiesSecurity Operations & Monitoring? Implement, configure, and manage Cisco XDR, Cisco Endpoint Security, and Fortinet Gateways to ensure proactive threat detection and response.? Monitor network and endpoint activities for security incidents using advanced SIEM and XDR tools.? Investigate, analyze, and respond to security breaches, threats, and vulnerabilities.Network & Infrastructure Security? Manage and maintain Cisco Firepower and Cisco ASA firewalls to ensure secure and efficient traffic management.? Administer Duo Multi-Factor Authentication (MFA) for secure user access and identity protection.? Perform network hardening to reduce the attack surface, following best practices and compliance standards.Server & System Hardening? Conduct server hardening across Windows and Linux systems, ensuring compliance with internal and regulatory standards.? Review and implement secure configurations, patch management, and vulnerability remediation.Disaster Recovery & Continuity? Participate in DR drills and testing to validate readiness and response effectiveness.Policy, Documentation & Compliance? Maintain up-to-date documentation of network security configurations, standards, and incident response procedures.? Support compliance initiatives (e.g., NIST, ISO 27001, or CIS Controls) through audits and reporting.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is seeking an IS Analyst to join the IT department of an AM 200 law firm. The Information Security Analyst plays a key role in protecting the firm?s digital assets, client data, and... More case-related information by implementing and maintaining security controls in alignment with the ISO 27001 Information Security Management System (ISMS). The analyst will proactively monitor, detect, and respond to security threats; ensure compliance with legal industry data protection standards; and support ongoing risk and compliance initiatives. This role is essential for maintaining client trust, ensuring the confidentiality of privileged information, and meeting both ethical and regulatory obligations in the legal sector.Essential Functions & Responsibilities:-Security Monitoring & Incident ResponseMonitor networks, systems, and endpoints for potential threats using SIEM, EDR, and IDS/IPS tools.-Analyze security alerts, investigate incidents, and coordinate timely response and remediation.Conduct root cause analyses and prepare post-incident reports.-Maintain and test the Incident Response Plan as part of ISO 27001 continuous improvement.Participate in legal hold or eDiscovery-related security reviews when required.-Risk Management & ISO 27001 AlignmentSupport the firm?s Information Security Management System (ISMS) and contribute to maintaining ISO 27001 certification.-Conduct periodic risk assessments, identifying potential threats to confidentiality, integrity, and availability of legal data.-Document and monitor risk treatment plans and corrective actions.-Participate in internal and external ISO audits by providing evidence and maintaining control documentation.-Contribute to the ongoing maintenance of the Firm?s risk register.-Seek out opportunities for continuous improvement in processes and procedures.-Vulnerability Management & Threat Intelligence-Perform regular vulnerability scans and coordinate remediation with IT and service providers.-Monitor industry-standard threat intelligence sources, cybersecurity forums, and dark web feeds for emerging risks, vulnerabilities, and threat actor activities targeting the legal sector.-Track and report vulnerabilities relevant to law firms, third-party vendors, and legal technology platforms (e.g., document management systems, case management tools).-Track and report on patch-management activity to be sure it aligns with required standards.Stay informed on evolving attack vectors such as business email compromise, ransomware, and data exfiltration threats impacting professional services firms.-Governance, Policy, and ComplianceDevelop, maintain, and enforce security policies, procedures, and standards in accordance with ISO 27001 Annex A controls and policy lifecycle.-Ensure adherence to data privacy laws (e.g., GDPR, CCPA) and client contractual obligations.Collaborate with legal teams to align information security practices with attorney?client privilege requirements and ethical obligations.-Support third-party vendor risk assessments and due diligence processes.-Security Awareness & Continuous Improvement-Support the firm?s security awareness training program and conduct periodic phishing simulations.-Educate staff on secure handling of confidential documents and client communications.-Contribute to the continuous improvement cycle of the ISMS by identifying opportunities for control enhancement.-Keep up to date with the latest developments in cybersecurity, privacy law, and ISO frameworks.-Access Control & Data ProtectionManage and review access controls, ensuring least privilege and role-based access models are enforced.-Monitor privileged accounts and perform periodic user access reviews.-Work with IT to secure document repositories, collaboration tools, and cloud-based applications.-Review and act as needed to on data loss prevention alerts from various tools.Technical Skills:Experience with ISO 27001, NIST CSF, or CIS Controls.Proficiency with SIEM platforms (e.g., Splunk, Sentinel, LogRhythm).Strong understanding of network protocols, IDS/IPS, and endpoint security.Familiarity with vulnerability management tools (e.g., Qualys, Nessus) and ticketing workflows.Knowledge of encryption, DLP, and secure file transfer solutions used in legal environments.Understanding of cloud security concepts (Microsoft 365, Azure, or AWS).Familiarity with scripting/automation tools and techniques.Knowledge of EDR/XDR solutions and providers.This is a full-time hybrid role, sitting 2 days in office each week in any of the firm's following offices: Baltimore, Boston, Chicago, Ft. Lauderdale, Harrisburg, Miami, Minneapolis, Newark, New York City, Philadelphia, Princeton, Wayne, PA, West Palm Beach, Wilmington, DE or Washington, D.C.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is looking for a RMF Security Analyst to join one of our clients in Virginia Beach, VA. This is an onsite role Monday-Friday. You will be responsible for proving cybersecurity... More technical support to the client. Position requires flexibility to work non-standard work hours and work weeks of more than 40 hours to meet business, customer, and contractual requirements. Additionally, position requires flexibility as duties and responsibilities may be adjusted to meet business, customer, and contractual requirements. 100% Onsite work.Essential Job Responsibilities?Conduct security testing and evaluation of servers, workstations, databases, and network infrastructure devices (e.g. firewalls, switches, routers, load balancers) to identify security vulnerabilities and weaknesses, and produce detailed findings reports that support the security authorization process.?Develop customized scanning and testing configurations within cybersecurity tools to meet specific security and configuration requirements.?Map identified findings whether discovered through manual assessment, automated scanning, or associated with CVEs to the appropriate NIST SP 800-53 security controls, DoD policies, and relevant technical standards.?Analyze and interpret cybersecurity directives, policies, and instructions, including CTOs, FRAG/TASK/OPORDs, IAVMs, PKI guidance, and STIG requirements, to assess applicability and required actions.?Create or Update eMASS artifacts to support Assessments and Authorizations and Annual Security Reviews.?Evaluate the adequacy of current security testing and assessment toolsets; identify capability gaps and recommend new tools or enhancements to improve assessment coverage and effectiveness.?Serve as a subject matter expert on known and emerging vulnerabilities, providing analysis of exploitation methods, mitigation and remediation strategies, severity impacts, and operational considerations.?Review Assessment & Authorization (A&A) documentation to ensure compliance with applicable DoD and RMF cybersecurity policies and standards.?Perform risk analyses and recommend mitigating controls.?Assist in drafting, updating, and maintaining cybersecurity policies, procedures, and technical guidance for systems and emerging technologies.?Provide critical written and oral analysis of security architecture documentation and vulnerability and risk assessments.?Support the creation, management, and tracking of Plans of Action and Milestones (POA&Ms), ensuring accurate status reporting and alignment with cybersecurity requirements.?Advise Government in all aspects of Cybersecurity and Risk Management Framework (RMF).?Track and report cybersecurity compliance status in VRAM and other applicable vulnerability tracking or reporting platforms.?Conduct independent verification and risk analysis of security configurations, STIG findings, and POA&M entries for systems and devices across the enterprise.?Demonstrate the ability to work independently with minimal oversight as well as collaboratively in a team environment.Compensation: $55/hr to $60/hr. Exact compensation may vary based on several factors, including skills, experience, and education. Benefit packages for this role will start day 1 of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is seeking an Analyst, Risk and Compliance to support one of our midstream clients on a full-time, permanent basis. This position is based onsite in Houston four days per week, with... More Fridays typically remote. You will play a crucial role in supporting SOX, regulatory audits, risk mitigation, and security controls across IT and OT environments, with direct involvement in audits, reporting, and cyber threat readiness. You will join a team of six and report into the Manager, Risk and Compliance.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is looking for Cybersecurity Compliance Analyst to work on site in Austin, TX and support the strategy and introduction of products based on unique and highly differentiated... More capabilities of a preeminent foundry for semiconductor systems and defense electronics companies. Their mission is to advance the state-of-the-art in critical semiconductor domains such as advanced packaging, and in the process to help restore U.S. leadership in semiconductor manufacturing. They are developing cutting-edge semiconductor manufacturing technology that will define future roadmaps of semiconductor devices including logic, memory, 3D packaged devices, including thermal management, etc. This position will accommodate the growing and evolving needs of the organization by supporting the Information Cybersecurity Compliance Director, and the implementation of a Controlled Unclassified (CUI) information systems.Responsibilities: Responsible for ensuring information systems follow government and their internal regulations while meeting program demands and operating in an accredited state.Assist in daily IT governance, risk management, and compliance function.Providing oversight of compliance assurance, for the daily administration of information security measures in compliance with the NIST SP 800-171, CMMC level 2, and other relevant system security requirements to include those under the Risk Management Framework (RMF).Responsible for assisting in ensuring that controlled unclassified information systems meet the Risk Management Framework goals required by TIE and our government clientsResponsible for drafting detailed reports of compliance and self-inspections outcomes, for upper management review.Other related functions as assigned.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Our client is seeking a Senior SOC Analyst to join their team in Miami! This role plays a critical part in protecting enterprise systems, reducing risk, and strengthening organizaitonal secuirty... More maturity. You will influence tooling strategly, operational excellence, and secuirty culture while working in a high-impact, hands-on environment. The ideal candidate will have proven experience leading high severity security incidents in a 24/7 enterprise environment. This role is hands on, operational, and leadership oriented, with responsibility for real time detection, investigation, containment, and remediation of active threats. The successful candidate is comfortable working rotating shifts, operating from a formal Incident Response Plan (IRP), and making decisive technical calls during live incidents such as ransomware, credential compromise, and malware outbreaks. This position operates across hybrid on premises and cloud environments and plays a critical role in protecting the organization?s security posture.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less