Vulnerability Management Analyst Jobs

Role and Responsibilities

95569 Vulnerability Management Analyst (Open)

Vulnerability Management Analyst

If you’ve taken a plane to any destination in the world, chances are, your pilot was trained by CAE. With its strong customer focus, the Digital Accelerator team is dedicated to elevating the training experience to make pilots the best they can be.

Here are few reasons why folks love working at CAE!

• Meaningful work that drives professional development
• Work in a collaborative environment
• Be part of a high-performance team
• Ability to enter and grow within the technology industry

What we have to offer

• Work-Life Balance: Flex time & California Fridays all year
• Retirement: Defined Benefits Retirement Plan & Group Registered Retirement Savings Plan (RRSP)
• Financial Perks: Employee Stock Purchase Plan & numerous corporate discounts
• Benefits: fully flexible for you to choose what is important
• Fun at work: social and community events all-year round!
• Personal and Family Programs: Physical Wellness Plan & Supplementary Maternity Plan

Your main role and responsibilities

• CEH, Rapid7 Certified Administrator (Mandatory), Security+, ITIL or other security certifications are required
• Minimum 3 Years of experience in managing Rapid7 architecture and 5 to 8 Years of experience in information security domain
• Good Hands on knowledge with Rapid7 architecture, Scan Engines, Collector Servers, agents, query builder, goals and projects
• Only open for the candidates that are physically present in Canada and are Canadian Citizen or Permanent Residents
• Monitor overall vulnerability scan status , engine health check , report generation and ensure successful scan completion with proper authentication
• Managing Scan Configurations which includes Asset Grouping, Appropriate Authentication, Update Scan Templates, Update Scan Engine Pool and Scan & Report Scheduling.Manage and troubleshoot vulnerability management tools
• Collaborate with application teams and business unit owners to submit Risk letters in order to be compliant with organization's IT security and risk management framework
• Good knowledge of web application vulnerabilities and assessment tools
• Co-ordinate and manage timely remediation of security vulnerabilities across a variety of technologies
• Coordinate with the Core Network, endpoint teams and Server Teams to discuss patches that are not applied for a longer time , Target Patch Level, CVE’s covered by corresponding patch
• Individual contributor & a great team player
• Knowledge of the Common Vulnerability Scoring System (CVSS) vulnerability assessment method, operation concepts and corrective updates
• Perform weekly/monthly and adhoc vulnerability assessments for servers, user systems, Network assets, public facing assets and databases using Rapid7, Netsparker and Burpsuite
• Good working knowledge with DAST, SAST & SCA tools
• Troubleshoot Scans for any missing assets and assets scanned with improper authentication or authentication failure. Open support case with Scanning tools vendor for appropriate support
• Job offer is based on the positive screening & interview along with the positive background & reference check
• Track vulnerability remediation via Ticketing system and perform validation by Adhoc Scans
• Identify, resolve and document any false positive findings in vulnerability assessment results

Join the driver of change at CAE: our next growth horizon will be reached above all through digital innovation for our customers' success. LI-CL1 LI-hybrid

Position Type

Regular

CAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.

Equal Employment Opportunity

At CAE, everyone is welcome to contribute to our success. With no exception.

As captured in our overarching value "One CAE", we’re proud to work as one passionate, boundaryless and inclusive team.

At CAE, all employees are welcome regardless of race, nationality, colour, religion, sex, gender identity or expression, sexual orientation, disability, neurodiversity or age.

The masculine form may be used in this job description solely for ease of reading, but refers to men, women and the gender diverse.

At CAE, we equip people in critical roles with the expertise and solutions to create a safer world. As a technology company, we digitalize the physical world, deploying simulation training and critical operations support solutions. Above all else, we empower pilots, airlines, defence and security forces, and healthcare practitioners to perform at their best every day and when the stakes are the highest. Around the globe, we’re everywhere customers need us to be with more than 13,000 employees in more than 200 sites and training locations in over 40 countries. CAE represents 75 years of industry firsts—the highest-fidelity flight and mission simulators, surgical manikins, and personalized training programs powered by artificial intelligence. We’re investing our time and resources into building the next generation of cutting-edge, digitally immersive training and critical operations solutions while keeping positive environmental, social and governance (ESG) impact at the core of our mission. Today and tomorrow, we’ll make sure our customers are ready for the moments that matter.