9280BRCompany Summary:As the recognized global standard for project-based businesses, Deltek delivers software and information solutions to help organizations achieve their purpose. Our market leadership stems from the work of our diverse employees who are united by a passion for learning, growing and making a difference. At Deltek, we take immense pride in creating a balanced, values-driven environment, where every employee feels included and empowered to do their best work. Our employees put our core values into action daily, creating a one-of-a-kind culture that has been recognized globally. Thanks to our incredible team, Deltek has been named one of America's Best Midsize Employers by Forbes, a Best Place to Work by Glassdoor, a Top Workplace by The Washington Post and a Best Place to Work in Asia by World HRD Congress. www.deltek.comAuto req ID:9280BRExternal Job Title:Vulnerability Management AnalystPosition Responsibilities: We seek a highly skilled and experienced Vulnerability Management Analyst to join our dynamic team. The ideal candidate will oversee vulnerability and remediation management within our IT infrastructure. This role will involve capturing and maintaining metrics to set SLAs, conducting pentest remediation, updating security workflows, documentation, patch management, and identifying and maintaining asset risk scores. The Senior Vulnerability Management Analyst will play a crucial role in day-to-day IT security operations, ensuring the integrity and resilience of our systems.

Key Responsibilities

• Vulnerability and Remediation Management: Lead the identification, assessment, prioritization, and remediation of vulnerabilities across our IT infrastructure.

• SLA Metrics: Capture and maintain metrics to establish SLAs for vulnerability management processes, ensuring efficient and timely resolution of identified issues

• Pentest Remediation: Coordinate and oversee the remediation of vulnerabilities identified through penetration testing exercises, collaborating with relevant teams to implement effective solutions.

• Security Workflows and Automation: Develop and implement security workflows and automation strategies to enhance vulnerability management processes, streamline operations, and improve efficiency. Explore and utilize automation frameworks or devise new methods to make remediation and reporting more effective.

• Documentation: Maintain comprehensive documentation of vulnerability management processes, procedures, and outcomes, ensuring accuracy and relevance.

• Patch Management: Develop and implement strategies for effective patch management, ensuring the timely application of security patches across all relevant systems and applications during scheduled and unscheduled maintenance.

• Asset Risk Scores: Identify and maintain asset risk scores based on vulnerability assessments and other relevant factors, providing insights into the security posture of our infrastructure.

• CSAM Tools and Security Management Tools: Utilize and manage Continuous Security Assessment and Monitoring tools such as Qualys, Crowdstrike, Tenable, and SCCM to enhance vulnerability management processes and ensure comprehensive coverage.

Work Location:Philippines, Makati City Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or related field; advanced degree preferred

• 3+ years of experience in IT security with a focus on vulnerability management

• Strong understanding of common vulnerabilities and exposure (CVE) databases, vulnerability scanning tools, and penetration testing methodologies

• Experience with SLA management and metrics reporting

• Proficiency in patch management processes and tools such as SCCM and public cloud patch management tools

• Experience with Cyber Security tools such as Qualys, Crowdstrike, and Tenable

• Familiarity with cyber security asset management tools and multi-factor authentication (MFA) solutions.

• Familiarity with vulnerability types and remediation techniques.

• Expertise with MS PowerShell

• 2+ years of system administration experience, including troubleshooting Windows servers and workstations, Linux servers, and networking concepts

• Experience with public cloud platforms like AWS, GCP, and/or Azure, as well as VMware, virtualization, storage, and compute

• Excellent communication and collaboration skills, with the ability to work effectively across diverse teams

• Relevant certifications such as CISSP, CISM, CEH, or GIAC are preferred

• Proven ability to prioritize and manage multiple tasks in a fast-paced environment

• Willing to work from 9 AM to 6 PM ET.

  Preferred Qualifications:

• Experience with vulnerability scanning tools (Rapid7, Nexpose, Qualys, etc.)

• CompTIA Security+ Certification is a plus

Travel Requirements:NoApplicant Privacy Notice:Deltek is committed to the protection and promotion of your privacy. In connection with your application for employment with us at Deltek, it is necessary for us to collect, store and use information about you (“Personal Data”) to administer and evaluate your application. We are the “controller” of the Personal Data you provide us and will process any such Personal Data in accordance with applicable law and the statements contained in this Employment Candidate Privacy Notice (https://education.deltek.com/web/du_internal/Recruitment/Applicant Privacy Notice.pdf) . Additionally, we have not sold and do not sell Personal Data you provide to us through the job application process.Business Summary:The Deltek Information Technology team provides technical support, services and applications to Deltek's global workforce. We are dedicated to finding innovative ways to help our employees maximize their productivity and exceed their business goals. If you're a world-class problem solver looking to be part a diverse, dynamic and collaborative team – join us as we power success for all of Deltek.