Cyber Security Analyst

Cyber Security Analyst

Patch & Vulnerability Management CR

Costa Rica

Responsabilidades Generales

• Designs and implements the infrastructure needed to provide Cyber Exposure Management services. • Creates a detailed, architectural design specification document. • Ensures that all systems are working at optimal levels and offers support to application development department regarding new technologies and system requirements. • Provides technical leadership to ensure the security of information exchanged between internal departments, and external clients. • Ensures optimum performance, scalability, and usability of cyber exposure management tools. • Analyzes vulnerability scans using appropriate scanning tools or platforms to identify potential security weaknesses and vulnerabilities across the organization's systems, applications, and infrastructure. Reviews findings, evaluates vulnerabilities severity, and prioritizes them based on risk levels. • Ensures the effectiveness, accuracy, and reliability of identifying security vulnerabilities by regularly reviewing scan credentials, performance optimization, agent status, and any other type of vulnerability scanning tool related maintenance. • Develops and oversees the execution of remediation plans to address identified vulnerabilities. Collaborates with relevant teams, such as system administrators, network engineers, database administrators, or application owners, to ensure timely and effective mitigation or remediation of vulnerabilities. • Keeps up to date with the latest security vulnerabilities (including Zero-Day threats), advisories, and best practices. Performs research and analysis of vulnerabilities specific to the organization's technology stack, platforms, or industry, understanding their potential impact and providing recommendations for mitigation or remediation. • Collaborates in generating reports and metrics on vulnerability assessments, including vulnerability status, trends, and progress. Documents vulnerabilities, remediation actions, and their outcomes to maintain accurate records and provide visibility into the organization's Cyber Exposure Management efforts. • In the event of a security incident or breach related to vulnerabilities, the resource may provide support to incident response teams. Assists in analyzing the impact of the incident, identifying vulnerabilities that may have been exploited, and helping with the restoration or recovery process. • Performs compliance assessment across different types of systems (Servers, Network Devices, Workstations, etc.), and analyzes the findings. • Seeks process efficiency and improvement documenting work processes to facilitate further interventions. *Availability to work outside of standard office hours - as needed. 

Educación y Experiencia Requerida

Bachelor's Degree in Computer Information Systems, Computer Science, related field from an accredited university or equivalent experience. One (1) to three (3) years of experience working in Cyber Security, Windows/UNIX/Linux/Network Devices Administration, Cloud Security, PCI DSS, Hardening, Web Application Security, and Vulnerability Management process. Programming and API experience desirable. 

Conocimiento y Destrezas Requeridas

To perform this job successfully, the individual must be able to perform each essential task satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. - Must be able to work independently as well as a part of a team in a highly intensity environment, requiring high organizational skills. - Must demonstrate analytical, logical, and reasoning skills. - Knowledge regarding the use of vulnerability scanning tools, vulnerability analysis and remediation. - Experience creating scripts (Python) and using APIs (able to learn configuration requirements of vulnerability scanning and web application scanning tools). - Proficiency in MS Office Tools, must be able to create VLOOKUPS and Pivot Tables. - Experience performing compliance checks scans and/or knowledge of a hardening process. - Windows and Linux servers' administration. - Familiar with the different network protocols. - Must be able to meet stringent deadlines in a consistent manner. - Vulnerability Management Cycle, Hardening, WAS, PCI DSS. - Information Systems or related field Security Certifications: CISSP, CISA, CEH. - Must be fluent in English. - Strong communication skills. - Customer-centered. - Problem-solving. - Proactive. 

Información Adicional

Lunes a Viernes de 8am a 5:30pm (híbrido)

El empleado debe cumplir con los siguientes requisitos para participar en el proceso de reclutamiento:  

Mínimo de doce (12) meses como empleado regular de la Compañía en su puesto actual.  Obtener una calificación de "Cumple Expectativas" o "Excede Expectativas" en la evaluación de desempeño de los últimos dos años.  No debe tener acciones disciplinarias durante el pasado año de empleo.  Cumplimiento con el Código de Etica y Estándares de Conducta. 

Evertec Group, LLC es un Patrono con Igualdad de Oportunidades de Empleo