Job Search Results for vulnerability management analyst

Insight Global is looking for a Vulnerability Management Analyst to join one of our customers in Richmond VA. The Vulnerability Management Analyst is responsible for overseeing the quality, accuracy,... More and usability of technical documentation within the ServiceNow Knowledge Base. This role partners closely with analysts, subject matter experts (SMEs), and technical teams to audit, refine, and maintain knowledge content?ensuring it meets established standards and is accessible to both technical and non-technical audiences.This position is not a primary technical writing role. Instead, it focuses on documentation governance, content auditing, and continuous improvement, with light technical writing and strong collaboration across IT and business teams.Pay is $89.74/hour.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is seeking a Business Systems Data Analyst for a top clients. This analyst will support the Security organization by extracting and evaluating large vulnerability datasets to identify... More potential risks across the network. The ideal candidate excels in Excel-based analysis, understands vulnerability management workflows, and can partner closely with technical teams to ensure issues are resolved quickly. This role is fast-paced, analytical, and highly impactful within the organization?s security posture.?Pulling large vulnerability datasets from client's security scanning tools?Analyzing reports to identify vulnerabilities, inconsistencies, and anomalies?Determining whether anomalies represent real security issues?Flagging findings and collaborating with affected teams to drive fast remediation?Documenting findings, tracking remediation status, and supporting reporting activitiesWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Role SummaryResponsible for analyzing vulnerability data, communicating risk to stakeholders, tracking remediation progress, and supporting system/application owners with actionable remediation... More guidance.Core Responsibilities?Vulnerability Analysis & PrioritizationoRun vulnerability scan results across infrastructure, applications, cloud, and specialized environmentsoAssess risk using CVSS, exploitability, threat intelligence, asset criticality, and business context oDifferentiate false positives, inherited risk, compensating controls, and environmental constraintsoAnalyze vulnerability scan results and identify high-risk findings based on severity, exploitability, and business impactoSupport risk-based prioritization to ensure focus on the most critical exposures ?Stakeholder CommunicationoClearly communicate vulnerability risk to technical and non-technical stakeholdersoDistribute vulnerability reports and ensure appropriate teams and leadership are informed oEscalate critical or time-sensitive vulnerabilities as needed?Remediation Tracking & CoordinationoTrack vulnerability remediation across systems and teams, ensuring alignment with defined SLAsoMonitor remediation progress and follow up with owners to drive closureoMaintain tracking artifacts (dashboards, reports, tickets) to demonstrate progress and accountability ?Remediation Guidance & SupportoProvide clear, actionable remediation recommendations (patching, configuration changes, compensating controls)oAssist teams when remediation is blocked or requires alternative mitigation approaches ?Reporting, Metrics & Program MaturationoProduce regular reporting on vulnerability posture, remediation status, and SLA performanceoSupport development of metrics that measure program effectiveness and risk reduction oDevelop meaningful metrics that demonstrate risk reduction, not just activity (e.g., aging, exposure windows, critical asset coverage)oSupport continuous improvement of vulnerability management processes, tooling, and workflows?Cross-Team CollaborationoCoordinate with infrastructure, application, and security teams to ensure vulnerabilities are addressed efficientlyoFacilitate communication across teams to remove blockers and improve remediation timelines Pay Rate: $4.00-$8.00 depending on skills and experience level.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

The Information Security Analyst plays a critical, hands-on role in protecting the confidentiality, integrity, and availability of company data and systems. This position is primarily technical and... More operational, with a strong focus on SOC alert monitoring, incident response, and vulnerability management, rather than audit or policy-heavy work.This analyst will work closely with internal IT teams, an outsourced SOC/MSP partner, and global security stakeholders to investigate security alerts, remediate vulnerabilities, and proactively reduce risk across the environment. By the end of the first three months, this individual is expected to independently manage and respond to security alerts.Primary Responsibilities (Hands-On / Technical)? Monitor and respond to SOC alerts generated by endpoint security, SIEM, and related tools.? Investigate alerts to determine validity and impact, using technical judgment to assess risk.? Take appropriate remediation actions such as isolating endpoints, reimaging machines, or escalating incidents when necessary.? Analyze alerts to differentiate false positives from real security threats.? Handle an average of 1?2 alerts per day, with the ability to pivot quickly during high-volume events (e.g., phishing campaigns that may consume a majority of the day).Secondary Responsibilities (Vulnerability Management & Risk)? Manage enterprise vulnerability scanning and remediation efforts using tools such as Qualys.? Partner with server and system owners to track, prioritize, and resolve identified vulnerabilities.? Review newly disclosed vulnerabilities, assess organizational exposure, and communicate risk and urgency to stakeholders.? Determine whether the organization is impacted by vulnerabilities actively being exploited in the wild.? Tie vulnerability findings to penetration test results when applicable.This is a fully remote opportunity with a preference for the candidate to be in Texas! Will work CST timezoneWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

An employer in the Galleria area of Houston, Texas is seeking a Lead SOC Analyst to join their team. They currently have a global SOC team and are trying to mimic the structure they have in... More Australia. Right now, there are 2 Leads in Houston overseeing the international team (North and South America) and this person will take the 3rd Lead spot. Their hours will be Monday-Friday 8A-5:30 PM and must sit onsite 3 days a week (their choice of day). Right now, the team works 9/80s and will be off every other Friday. The general rule, is 60% working in office and 40% working from home. This can change depending on what is going on with the team. Most people are onsite 3 days a week. They do allow flexibility as well - this is to be discussed with the manager ahead of time. They will also be on an on-call rotation every 3 weeks and their shift is Thursday-Thursday. They do a follow the sun schedule and pass off to the team in Australia accordingly. This person will be responsible for helping lead a team of 5+ SOC analysts and needs to have experience managing and mentoring junior analysts. This person will be the first escalation point for all major incidents. They need to have extensive threat intelligence review and assessment experience, strong vulnerability management experience and great written and verbal communication as they will provide communication reviews. This position pays between $70-$80/hr depending on skillset and experience.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is seeking an Application Security Analyst to join one of our clients' security teams with focus on application security and vulnerability management. This resource will be doing lots... More of API testing to aid in a migration project for the first year of the role. The ideal candidate will have knowledge of standards and practices for securing applications and APIs. This role will participate in efforts to identify, verify, report, and track vulnerabilities within their systems and applications. This role spans multiple domains, including desktop, mobile, web applications, and API infrastructure.Key Responsibilities:- Schedule and perform regular application tests- Conduct penetration tests on important software and systems- Test changes before they go live- Analyze and validate vulnerabilities- Track and report testing activities- Present findings to stakeholders- Maintain dashboards for vulnerabilities- Improve asset management processes- Enhance threat modeling- Review source code and identify duplicates- Use security testing tools (e.g., Veracode, Burp Suite, Checkmarx, Postman)- Automate security scans and integrate with CI/CD pipelines- Collaborate with developers to improve security practices- Support incident response and investigationsPerform various security tests (penetration, purple team, red team)We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

We are seeking a Senior Cybersecurity Analyst to support an enterprise security team with a strong focus on operational security, governance, and technical guidance. In this role, the analyst will... More implement and maintain security controls, tools, and documentation; monitor and respond to security events through an MDR provider and Microsoft?s security suite (Defender and Intune); and collaborate with IT to manage Windows system security, including patching, vulnerability assessments, and system hardening. The role supports the development and deployment of security technologies, risk management initiatives, and vendor security assessments, while contributing to incident response, KPI reporting, and an on-call rotation. This position is a more strategic role providing guidance, for example reviewing firewall rules and advising the EDR and NDR teams on how to proceed. The successful candidate will be able to balance day-to-day security operations with strategic input across Microsoft enterprise and cloud environments. This is a full time role based out of Calgary wit the requirement to be on site downtown 3 days per week.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is looking for a Cyber Security Analyst to join a growing cyber security function for a medium-to-large enterprise environment. This is a 6-month contract-to-hire opportunity,... More reporting into the Director of Cyber Security, supporting day-to-day security operations, incident response, and ongoing security improvements across a hybrid environment.This role is ideal for a hands-on, technically strong security professional with real SOC and tool experience (not theory-only) who thrives in investigation, problem-solving, and cross-team collaboration.The Cyber Security Analyst is responsible for supporting and operating existing enterprise security solutions, as well as identifying, investigating, and helping resolve security incidents detected by those systems. The role also contributes to security improvements, vulnerability management, audits, and the maturation of processes and tooling.This role works closely with infrastructure, IT, and business stakeholders, acting as a trusted security partner while helping the organization become more efficient and proactive."We may use artificial intelligence tools to assist with the screening, assessment, or selection of potential applicants for this position."We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is seeking an IS Analyst to join the IT department of an AM 200 law firm. The Information Security Analyst plays a key role in protecting the firm?s digital assets, client data, and... More case-related information by implementing and maintaining security controls in alignment with the ISO 27001 Information Security Management System (ISMS). The analyst will proactively monitor, detect, and respond to security threats; ensure compliance with legal industry data protection standards; and support ongoing risk and compliance initiatives. This role is essential for maintaining client trust, ensuring the confidentiality of privileged information, and meeting both ethical and regulatory obligations in the legal sector.Essential Functions & Responsibilities:-Security Monitoring & Incident ResponseMonitor networks, systems, and endpoints for potential threats using SIEM, EDR, and IDS/IPS tools.-Analyze security alerts, investigate incidents, and coordinate timely response and remediation.Conduct root cause analyses and prepare post-incident reports.-Maintain and test the Incident Response Plan as part of ISO 27001 continuous improvement.Participate in legal hold or eDiscovery-related security reviews when required.-Risk Management & ISO 27001 AlignmentSupport the firm?s Information Security Management System (ISMS) and contribute to maintaining ISO 27001 certification.-Conduct periodic risk assessments, identifying potential threats to confidentiality, integrity, and availability of legal data.-Document and monitor risk treatment plans and corrective actions.-Participate in internal and external ISO audits by providing evidence and maintaining control documentation.-Contribute to the ongoing maintenance of the Firm?s risk register.-Seek out opportunities for continuous improvement in processes and procedures.-Vulnerability Management & Threat Intelligence-Perform regular vulnerability scans and coordinate remediation with IT and service providers.-Monitor industry-standard threat intelligence sources, cybersecurity forums, and dark web feeds for emerging risks, vulnerabilities, and threat actor activities targeting the legal sector.-Track and report vulnerabilities relevant to law firms, third-party vendors, and legal technology platforms (e.g., document management systems, case management tools).-Track and report on patch-management activity to be sure it aligns with required standards.Stay informed on evolving attack vectors such as business email compromise, ransomware, and data exfiltration threats impacting professional services firms.-Governance, Policy, and ComplianceDevelop, maintain, and enforce security policies, procedures, and standards in accordance with ISO 27001 Annex A controls and policy lifecycle.-Ensure adherence to data privacy laws (e.g., GDPR, CCPA) and client contractual obligations.Collaborate with legal teams to align information security practices with attorney?client privilege requirements and ethical obligations.-Support third-party vendor risk assessments and due diligence processes.-Security Awareness & Continuous Improvement-Support the firm?s security awareness training program and conduct periodic phishing simulations.-Educate staff on secure handling of confidential documents and client communications.-Contribute to the continuous improvement cycle of the ISMS by identifying opportunities for control enhancement.-Keep up to date with the latest developments in cybersecurity, privacy law, and ISO frameworks.-Access Control & Data ProtectionManage and review access controls, ensuring least privilege and role-based access models are enforced.-Monitor privileged accounts and perform periodic user access reviews.-Work with IT to secure document repositories, collaboration tools, and cloud-based applications.-Review and act as needed to on data loss prevention alerts from various tools.Technical Skills:Experience with ISO 27001, NIST CSF, or CIS Controls.Proficiency with SIEM platforms (e.g., Splunk, Sentinel, LogRhythm).Strong understanding of network protocols, IDS/IPS, and endpoint security.Familiarity with vulnerability management tools (e.g., Qualys, Nessus) and ticketing workflows.Knowledge of encryption, DLP, and secure file transfer solutions used in legal environments.Understanding of cloud security concepts (Microsoft 365, Azure, or AWS).Familiarity with scripting/automation tools and techniques.Knowledge of EDR/XDR solutions and providers.This is a full-time hybrid role, sitting 2 days in office each week in any of the firm's following offices: Baltimore, Boston, Chicago, Ft. Lauderdale, Harrisburg, Miami, Minneapolis, Newark, New York City, Philadelphia, Princeton, Wayne, PA, West Palm Beach, Wilmington, DE or Washington, D.C.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

The Cybersecurity Analyst will be responsible for safeguarding the organization?s information systems, infrastructure, and data through proactive monitoring, analysis, and in supporting the... More implementation of advanced security solutions. This position plays a vital role in maintaining a secure technology environment by leveraging tools such as Cisco XDR, Cisco Firepower, Cisco Endpoint, Cisco ASA, Fortinet Gateways, and Duo MFA.The ideal candidate will possess 3?5 years of hands-on experience in network and server hardening, threat detection and response, and disaster recovery planning and execution. Working closely with IT operations, this role ensures that all systems are resilient, compliant, and protected against evolving cyber threats.Key ResponsibilitiesSecurity Operations & Monitoring? Implement, configure, and manage Cisco XDR, Cisco Endpoint Security, and Fortinet Gateways to ensure proactive threat detection and response.? Monitor network and endpoint activities for security incidents using advanced SIEM and XDR tools.? Investigate, analyze, and respond to security breaches, threats, and vulnerabilities.Network & Infrastructure Security? Manage and maintain Cisco Firepower and Cisco ASA firewalls to ensure secure and efficient traffic management.? Administer Duo Multi-Factor Authentication (MFA) for secure user access and identity protection.? Perform network hardening to reduce the attack surface, following best practices and compliance standards.Server & System Hardening? Conduct server hardening across Windows and Linux systems, ensuring compliance with internal and regulatory standards.? Review and implement secure configurations, patch management, and vulnerability remediation.Disaster Recovery & Continuity? Participate in DR drills and testing to validate readiness and response effectiveness.Policy, Documentation & Compliance? Maintain up-to-date documentation of network security configurations, standards, and incident response procedures.? Support compliance initiatives (e.g., NIST, ISO 27001, or CIS Controls) through audits and reporting.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less