Vulnerability Disclosure Analyst

New

FlashpointCybersecurity

Remote in the United StatesFull-TimeMiddle

Salary not disclosed

Apply NowOpens the employer's application page

Job Details

High reading comprehension, attention to detail, and deductive reasoning.
Writing skills and an affinity for writing research papers and summarizing complex subjects.
Self-motivated and can work independently and in collaboration with others.
Compassion for customer needs and a desire to work in a client-sense business.
Some coding experience in one or more languages, such as C/C++, Java, Python, and Ruby, to the level where you can identify vulnerabilities when reading the code.
Some experience with vulnerability exploit development and familiarity with security assessment tools and techniques.
Conducted security testing, vulnerability and network scanning, and penetration testing.
Understand the concepts of Windows and Linux operating systems, access controls, and privilege levels.
Familiarity with many widely used web applications, client and server software, and web browsers.
In-depth knowledge of common security software and hardware vulnerabilities and attack vectors.
Deep familiarity with OWASP top 20.
Understanding of secure coding practices, cryptography, and authentication protocols.
In-depth knowledge of security and network fundamentals, such as cryptography, authentication, access control, and network protocols (TCP/IP, UDP, DNS, HTTP, etc.).
Some experience with scripted languages (preferably Python3) and compiled languages (preferably C).

Analyze vendor security advisories, research vulnerability reports, mailing lists, product changelogs, news articles, bug trackers, commits, exploits, and many other sources to identify legitimate vulnerabilities.
Author detailed vulnerability entries based on findings.
Analyze and review new vulnerabilities for inclusion into the VulnDB product and update existing vulnerability entries with details, references, product information, exploit availability, and solutions.
Assist team members during peak activity periods to ensure the timeliness of high-quality data.
Monitor work queues as needed to maintain balanced workloads and achieve turn-around standards, ensuring data quality.
Stay current with the latest security threats, vulnerabilities, and industry best practices.
Provide mentorship and technical guidance to junior analysts and serve as a subject matter expert on vulnerabilities to the wider team.
Collaborate with other teams such as Product, Engineering, and Customer Success to solve customer challenges, clarify technical content, and be customer-oriented.

View Full Description & ApplyYou'll be redirected to the employer's site