Cybersecurity Analyst - Elegant Enterprise-Wide Solutions, Inc.

No C2C**

Primary Responsibility: Perform vulnerability assessments and risk evaluations.

Responsibilities:

1. Conduct detailed vulnerability assessments across the district's internal systems, applications, and infrastructure to identify security gaps.

1. Analyze system configurations, software applications, and network devices to identify weaknesses or misconfigurations.

1. Prioritize vulnerabilities based on severity, potential impact, and likelihood of exploitation.

1. Collaborate with the Penetration Testers to simulate attack scenarios for identified vulnerabilities.

1. Develop comprehensive risk evaluation reports detailing findings, potential threats, and recommended remediation strategies.

1. Stay updated on the latest cybersecurity threats, trends, and tools to ensure assessments align with current standards.

1. Assist in reviewing the district's current cybersecurity policies and suggest updates to mitigate identified risks.

1. Provide input for creating actionable, prioritized remediation plans based on assessment results.

1. Work closely with the Network Security Analyst to ensure vulnerabilities are addressed within the broader network architecture.

1. Support the preparation of an executive summary and detailed technical reports for key stakeholders.

Qualifications:

• Bachelor’s degree in cybersecurity, IT, or related field.

• At least 3 years of experience in vulnerability assessments and risk management.

• Expertise in tools such as Nessus, Qualys, or similar vulnerability management platforms.

• Strong understanding of risk management frameworks (e.g., NIST, ISO 27001).

• Excellent analytical, written, and verbal communication skills.

Required Technical Skills

• Vulnerability Management Tools: Nessus, Qualys, OpenVAS.

• Risk Assessment Frameworks: NIST Cybersecurity Framework, ISO 27001.

• Security Information and Event Management (SIEM): Splunk, QRadar, or Elastic SIEM.

• Familiarity with cloud security: AWS, Azure, or Google Cloud security principles.

• Strong knowledge of operating systems security: Windows, Linux.

• Programming/Scripting: Python, Bash, or PowerShell for automation.

• Proficiency in analyzing reports from vulnerability scans and integrating results into remediation workflows.