Goldbelt, Inc.

Software Vulnerability Analyst

Job Locations: US-Remote-Remote Hire
ID: 2024-14101
Category: Information Security/Quality Assurance
Position Type: Regular Full-Time

Overview

Goldbelt Taku Health Services, LLC is a wholly owned subsidiary of the Alaskan Native Corporation accelerating the delivery of healthcare and providing superior force health readiness across the Military, Federal, and Civilian landscapes. Goldbelt Taku is committed to providing transformative and comprehensive health operational capabilities to support customers across scientific, clinical, technological, and program management areas.

 

Summary:

Goldbelt Taku is seeking a motivated and detail-oriented Vulnerability Analyst. The Vulnerability Analyst will play a critical role in identifying, assessing, and prioritizing vulnerabilities in our clients' IT environments to support effective risk management and mitigation efforts. The ideal candidate will have a strong background in vulnerability assessment and management, with expertise in vulnerability scanning tools, techniques, and best practices.

Responsibilities

Essential Job Functions:

  • Manage reporting and timely remediation for vulnerabilities from infrastructure scans, cloud, containers, penetration testing, source code (SAST/SCA) and Bug Bounty.
  • Report and track metrics, KPIs and KRIs with proactive escalations to maintain risk within acceptable appetite.
  • Communicate effectively to engage and collaborate with key stakeholders on remediation, provide guidance and escalations, and follow through to vulnerability closure.
  • Perform data analysis at scale and drive informed decisions with vulnerability prioritization and remediation campaigns.
  • Create and maintain dashboards to enable Self-Service for remediation teams.
  • Manage requests for False Positives, Exceptions and Risk Acceptance for vulnerabilities.
  • Prioritize emerging threats and 0days as they surface through Threat Intelligence.
  • Consistently seek opportunities to improve EVM processes and demonstrate measurable impact towards reducing inefficiencies through implementation of Lean practices.
  • Stay abreast of emerging technologies, actively engage in continuous learning to master new skills, and contribute to a culture of continuous improvement and professional growth.

Qualifications

Necessary Skills and Knowledge:

  • Strong understanding of security concepts and best practices, and the ability to articulate risk.
  • Skill in effective oral and written communication, including presentations to Senior management, various levels of business and IT stakeholders, and technical resources.
  • Strong analytical and problem-solving skills.
  • Strong collaboration skills.
  • Ability to speak fluent English with strong interpersonal skills.
  • Excellent written and verbal communication skills.
  • Outstanding analytical and problem-solving capabilities.
  • Ability to work independently and complete projects with minimal supervision.
  • Sound understanding of coding and development processes.
  • Ability to write clean, easy-to-understand code.
  • Experience with working in an agile environment.
  • Experience with full-stack development.
  • Well-versed in technologies such as C#, JavaScript, and SQL databases.
  • Capability to collaborate with a group of developers.
  • Ability to adapt quickly to a multicultural environment.

Minimum Qualifications:

  • Bachelor’s Degree in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, Computer Engineering, or Healthcare degree from an accredited college or university.
  • Minimum 10+ years of demonstrated hands-on experience developing C# / .NET solutions with at least 5 years of experience supporting DoD or Federal projects.
  • Must be a US Citizen.
  • Must be able to obtain and maintain DoD Tier-3 / National Agency Check with Law and Credit (NACLC) background investigation in accordance with DODI 5200.02-DoD Personnel Security Program (PSP).

Preferred Qualifications:

  • Master's degree a plus.
  • Industry Standard Certifications such as, but not limited to: CompTIA Security+, CISSP, CISM, GIAC and AWS are preferred.
  • Strong understanding of OWASP Top 10 Web Application Vulnerabilities. Use of Burp Suite preferred.
  • Experience working with scripting (Python, Pandas, Groovy, etc.) is a major plus.

 

Salary Range: $115,000 - $125,000

 

Pay and Benefits

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.

 
