Hi
Greetings!
Hope you are doing well,
Please find below the details & let me know if you are Interested in this position.
Role : Vulnerability Analyst
Location: McKinney, TX (Hybrid 4days a Week)
Experience – 12+ yr.
We are seeking a highly skilled Vulnerability Analyst to provide project-based remediation support across diverse cloud and hybrid infrastructures, including AWS, Azure, Google Cloud Platform (GCP), and on-premises environments. This advisory role goes beyond tactical patching, requiring the delivery of tailored, strategic guidance to help clients achieve robust, sustainable security across complex architectures.
The ideal candidate will combine deep technical expertise with a clear understanding of the rapidly evolving AI-driven threat landscape—including AI-powered red teaming, automated penetration testing, and novel attack vectors. The analyst will ensure that remediation recommendations are current, actionable, and aligned with both cloud-native and hybrid operational realities.
Key Responsibilities
Vulnerability Management
- Perform vulnerability assessments across AWS, Azure, GCP, and on-premises resources.
- Work collaboratively with project, operations, and infrastructure teams to facilitate timely, effective remediation.
- Prioritize vulnerabilities by severity, exploitability, and business impact, considering the unique dynamics of multi-cloud and hybrid environments.
Remediation Advisory
- Advise application, infrastructure, DevOps, and IT teams on secure configuration and patching strategies across cloud and on-premises platforms.
- Recommend best practices for cloud-native and hybrid security controls (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center, on-prem SIEM and EDR solutions).
- Contribute to the development and enhancement of enterprise security governance and standards for hybrid and multi-cloud environments.
AI-Driven Threat Analysis
- Monitor and assess emerging AI-based attack methodologies relevant to both cloud and on-premises infrastructures.
- Evaluate AI-enabled red teaming and penetration testing tools, providing recommendations on adoption and integration where beneficial.
- Share actionable threat intelligence and insights with technical and executive stakeholders to future-proof defenses.
Collaboration and Reporting
- Partner closely with SOC, cloud engineering, IT operations, and application teams throughout remediation processes.
- Document remediation activities, lessons learned, and any outstanding risks across all environments.
- Present findings and actionable recommendations to both technical and executive audiences.
Required Qualifications
Technical Expertise
- 3–5 years of experience in vulnerability management, cloud security, or hybrid infrastructure security.
- Hands-on experience with AWS (EC2, S3, IAM, Security Hub), Azure (VMs, Key Vault, Defender for Cloud), GCP (Compute Engine, IAM, Security Command Center), and on-premises security tools (SIEM, vulnerability scanners, EDR).
- Proficiency with vulnerability scanning and management tools (Qualys, Tenable, Rapid7, Nessus), as well as their deployment in hybrid environments.
- Experience with infrastructure-as-code scanning (Terraform, ARM templates, CloudFormation, Deployment Manager) and container security (EKS, AKS, GKE, Docker, Kubernetes).
- Familiarity with hybrid networking, identity management, and integration points between cloud and on-premises systems.
Security Knowledge
- Strong understanding of vulnerability categories (CVEs, misconfigurations, zero-days) applicable across cloud and on-premises platforms.
- Awareness of frameworks such as MITRE ATT&CK and how vulnerabilities map to adversarial techniques in multi-cloud and hybrid contexts.
- Understanding of AI's role in offensive security (adversarial machine learning, automated exploit generation, AI-driven phishing/social engineering).
Interpersonal Skills
- Excellent communication and stakeholder management skills, with the ability to influence technical teams and leadership.
- Demonstrated ability to provide clear, prioritized, and pragmatic recommendations tailored to complex environments.
- Self-motivated, adaptable, and collaborative, with a consultative approach.
Preferred Qualifications
- Relevant certifications: AWS Security Specialty, Azure Security Engineer, Google Professional Cloud Security Engineer, CISSP, CEH, OSCP, or GIAC GVN.
- Experience with AI-driven pen-testing tools, red teaming, or purple team exercises.
- Prior advisory experience supporting cloud migration, hybrid integration, or modernization projects.
Thanks and Regards
Prashant Tiwari |Technical Recruiter|
Jconnect Infotech Inc.
168 Barclay Center Ste. 347, Cherry Hill, NJ 08034
No comments:
Post a Comment
Thanks
Gigagiglet
gigagiglet.blogspot.com