Make your mark. Our Technology Services team focuses on the firm’s critical business needs. From strategy to operations and everything in between, our integrated solution approach is designed to help enable and manage growth, leverage resources, and mitigate costs and risks.
The Vulnerability Management and SOC (Security Operations Center) Analyst role will be an integral member of our Cybersecurity Team in maturing the firm’s cybersecurity operations model. Reporting to the Cybersecurity Operations Manager, the primary responsibilities of this position center on identifying, tracking and verifying remediation of vulnerabilities in internal and external applications and systems, while also contributing to everyday operations in our SOC. The individual in this role is expected to have a general understanding of many different systems and applications across the company. The individual will understand applications, operating systems, networking, cloud infrastructure and emerging threats. Working closely as a hands-on practitioner with IT infrastructure, application developers and security operations, the analyst will collaborate to remediate vulnerabilities impacting the attack surface. The role is highly technical, and the analyst is expected to have a diverse understanding of cybersecurity principles, enterprise systems and business process dependencies. An analyst in this role will stay up to date with the evolving threat landscape and potential impact on advanced technologies, as well as legacy systems and applications.
What does diversity, equity, and inclusion mean to Plante Moran? It means that all staff members have equitable and fair opportunities to succeed, in an inclusive environment, with their individual, unique identities.
Your role.
You can look forward to fast-paced and dynamic hands-on experiences with engagements and project assignments designed to deepen your technical knowledge and overall experience in cybersecurity. Analysts in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business.
Your experience will include, but not be limited to:
· Monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services.
· Collaborate with IT and security operations to manage internal- and external-facing systems to identify, track and remediate system and application vulnerabilities.
· Support IT operations' responsibility to remediate system and application vulnerabilities.
· Conduct continuous discovery, vulnerability assessment and remediation status of enterprise-wide assets.
· Prioritize vulnerability remediation based on criticality, exploit probability, rating and business risk exposure.
· Document, prioritize, recommend, validate and report on the state of vulnerabilities.
· Recommend strategic and tactical options and containment alternatives to reduce attack surface and impede attackers.
· Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization's security posture against them.
· Remain current with emerging threats and share knowledge with colleagues to improve security posture.
· Maintain active database comprising third-party assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business.
· Define key performance indicators and metrics to illustrate efficacy with vulnerability management.
· Maintain documentation related to vulnerability policies and procedures.
· Serve as a point of contact for new and existing vulnerability-related issues.
· Supervise testing and validation of vulnerability remediation and controls.
· Assist with change management operations to ensure vulnerabilities are not introduced.
· Provide vulnerability education and guidance to stakeholders, developers, IT and business leaders as needed.
· Willingness to work nonstandard business hours to respond to and mitigate threats.
· Perform daily monitoring of security tools and oversee remediation of items and/or alerts identified.
· Provide responsive support for events and incidents identified during normal working hours as well as outside normal working hours as needed.
· Respond to inquiries regarding our security controls.
· Perform in-house and third-party vulnerability testing, evaluate social engineering, conduct risk analysis and security assessments, and oversee remediation and post-remediation testing activities.
· Research the latest information technology (IT) security trends and recommend appropriate security controls, tools, and countermeasures.
· Respond to and manage disruptive events/incidents within the firm, analyze and investigate to determine if alerts or events warrant incident classification.
· Assist with or perform incident response technical activities to minimize impact to the firm.
· Interface with internal and external auditors for risk assessments.
· Assist in defining enterprise-level security policies and actively enforce these policies.
· Develop security-related training materials and assist with the delivery of training to help staff understand security and implement the right strategies.
· Research and stay up-to-date on industry standards and any new vulnerabilities and risks.
· Perform other duties as directed by leadership.
The qualifications.
· Detail-oriented leader with problem-solving, communication, and analytical skills.
· Bachelor’s degree in computer science, management information systems, information assurance/cyber defense, computer engineering, or related field.
· 1+ years of technical knowledge, understanding, and/or experience with several of the following:
o Vulnerability management software (e.g. Tenable Security Center, Nessus, etc.) is preferred
o Next generation AV and EDR tools
o Web filtering solutions
o SIEM solutions
o Email security solutions
o Basic TCP/IP and wired/wireless networking technologies
o Active Directory groups, user accounts and Windows folder security structure
· Ability to prioritize work to complete tasks/activities based on intake queues and service level agreements (SLAs).
· Understanding of OWASP, CVSS and MITRE ATT&CK framework and the software development lifecycle.
· Experience with commercial and open-source vulnerability management solutions.
· Ability to influence technical team and business units and collaborate to reduce attack surface.
· Knowledge of operating systems, applications, infrastructure and cloud computing services.
· Basic understanding of malware distribution, technical risks, and containment/mitigation is preferred.
· Knowledge of Microsoft Azure security practices will be a bonus.
· Ability to script in Python, Bash, JavaScript or PowerShell will be a bonus.
· Basic familiarity with compliance frameworks such as NIST.
· Basic familiarity with IT audit processes such as HIPAA.
Our difference.
On the surface, we’re one of the nation’s largest audit, tax, consulting, and wealth management firms. But dig a little deeper, and you’ll see what makes us different: we’re a relatively jerk-free firm (hey, nobody’s perfect) with a world-class culture, consistent recognition as one of Fortune Magazine’s “100 Best Companies to Work For,” and an endless array of opportunities. At Plante Moran, diversity, equity and inclusion means that all staff members have equitable and fair opportunities to succeed, in an inclusive environment, with their individual, unique identities. So, what are you waiting for? Apply now.
This is an exempt position that may require some local, national, and occasional international travel.
Plante Moran maintains a drug-free workplace.
Interested applicants must submit their resume for consideration using our applicant tracking system. Due to the high volume of interest in our positions, only candidates selected for interviews will be contacted. Candidates must be legally authorized to work in the United States without sponsorship, with the exception of qualified candidates who are bilingual in either Japanese and English or Chinese and English. Unsolicited resumes from search firms or employment agencies, or similar, will not be paid a fee and become the property of Plante Moran.
The specific statements above are not intended to be all-inclusive.