Threat and Vulnerability Analyst

Piper Companies is seeking a Threat and Vulnerability Analyst to join a leading healthcare organization. This role can be remote or hybrid and focuses on identifying, analyzing, and remediating vulnerabilities across the enterprise environment while developing long-term security strategies.

Responsibilities of the Threat and Vulnerability Analyst include:

• Develop and enhance scanning strategies to ensure complete coverage of the networked environment.
• Actively scan internal and external enterprise environments and manage false positives and exceptions.
• Partner with IT leadership to categorize vulnerabilities by severity and asset criticality.
• Establish SLAs for vulnerability remediation and track progress.
• Create and maintain weekly/monthly metrics and present findings to senior management.
• Collaborate on security policies, standards, and processes to meet audit requirements.
• Assist in building a threat hunting program by developing and documenting threat scenarios and use cases.
• Stay current on industry trends and report emerging threats to senior leadership.

Qualifications for the Threat and Vulnerability Analyst include:

• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).
• Minimum 5 years of IT Security experience, including 3 years in vulnerability detection and remediation.
• One or more industry certifications required: CISSP, GCTI, or similar.
• Strong knowledge of security methodologies (Cyber Kill Chain, Defense-in-Depth).
• Experience with Patch Management and Vulnerability Management processes.
• Deep understanding of IOCs, threat hunting, APTs, and cyber-crime tactics.
• Proficiency with operating systems (Windows, Linux, Mac) and vulnerability scanning tools (Nexpose, Nessus, Qualys).
• Ability to prepare and present metrics using visualization tools (MS PowerPoint, Visio).
• Experience developing/modifying security policies and processes.
• Familiarity with threat intelligence tools and sources (ThreatStream, NH-ISAC, NJCCIC).
• Excellent analytical, communication, and interpersonal skills.

Compensation for the Threat and Vulnerability Analyst includes:

• Competitive salary based on experience.
• Comprehensive benefits package.
• Remote or hybrid work flexibility.

Keywords: Threat and Vulnerability Analyst, TVM Analyst, CISSP, GCTI, vulnerability management, patch management, threat hunting, IOCs, APTs, Nexpose, Nessus, Qualys, DISA STIG, Cyber Kill Chain, Defense-in-Depth, risk remediation, SLAs, security compliance, audit readiness, MS PowerPoint, Visio, remote, hybrid.

#LI-TK1 #LI-REMOTE