Sr Cybersecurity Analyst - Vulnerability Management Team

Responsibilities

• Provide advanced technical expertise and leadership in cybersecurity, contributing to the identification and resolution of complex cybersecurity issues across various domains such as Incident Response, Threat Intelligence, Governance, Risk, and Compliance (GRC), Privacy, Vulnerability Management, and Engineering Operations

• Lead and coordinate complex incident response efforts, overseeing the identification, containment, and resolution of sophisticated security incidents, and providing mentorship to junior and mid-level analysts

• Champion advanced threat intelligence initiatives, including the development of threat hunting strategies, proactive identification of emerging threats, and the implementation of innovative solutions to enhance the organization&39;s security posture

• Take ownership of the organization&39;s vulnerability management program, developing and implementing advanced strategies for identifying, prioritizing, and mitigating vulnerabilities, and providing expert guidance to analysts at all levels

• Architect and lead the optimization of the organization&39;s security infrastructure, ensuring the implementation of cutting-edge cybersecurity controls and practices, and providing strategic direction for the organization&39;s evolving security architecture

• Drive the maturity of GRC initiatives, providing expert guidance on compliance matters, shaping policies and procedures, and ensuring a proactive and comprehensive approach to governance, risk, and compliance

• Serve as the primary authority on privacy matters, overseeing the organization&39;s privacy program, and ensuring the effective implementation and continuous improvement of privacy controls in line with evolving regulations

• Lead advanced research and development efforts in cybersecurity, staying at the forefront of emerging technologies, and driving innovation in security practices to stay ahead of evolving cyber threats

• Mentor and coach junior and mid-level cybersecurity analysts, providing guidance on complex technical and strategic challenges, and contributing to the professional development of the cybersecurity team

• Foster strong collaboration across the organization, engaging with senior leadership, cross-functional teams, and external stakeholders, and representing the cybersecurity function at a strategic level

• May perform other job duties as directed by Employee&39;s Leaders

Knowledge, Skills and Abilities

• Knowledge of advanced cybersecurity concepts, including threat intelligence, penetration testing, and advanced attack techniques

• Skilled in cybersecurity regulations and standards, such as GDPR, HIPAA, and industry-specific compliance requirements

• Skilled in advanced threat detection methods and tools, as well as the ability to analyze and respond to complex threats

• Skilled in guiding incident response efforts, including managing complex incident investigations and coordinating teams

• Skilled in conducting in-depth vulnerability assessments and penetration testing to identify and address security weaknesses

• Ability to provide strategic insights into emerging threats, technologies, and best practices and shape the organization&39;s cybersecurity strategy

• Ability to lead risk management efforts and develop effective strategies for identifying, assessing, and mitigating cybersecurity risks

• Skilled in effective collaboration and communication to work effectively with cross-functional teams, stakeholders, and external partners

• Ability to develop and enforce security policies, standards, and procedures, ensuring compliance and comprehensive security controls

• Ability to foster a security-aware culture within the organization, promoting cybersecurity awareness and knowledge-sharing among team members and stakeholders

Education

• Required: High School Diploma or GED

• Required: Bachelor&39;s degree in Business, Engineering, Computer Science, or Information Systems or related field; or equivalent formal training

Experience

• Required: Advanced-level experience, seasoned and specialized knowledge in cybersecurity principles and concepts, developing skills and knowledge in information technology (IT) operations, programming, systems/software development or another IT related field

• Preferred: Experience in agile and adversarial vulnerability management.

• Preferred: Experience in Vulnerability Testing Tools (Nmap, Nessus, Qualys, Rapid7 insightVM, InspectorAWS, Prisma, Elastica, Metasploit framework, etc.).

• Preferred: Experience in Ticketing Platforms (ServiceNow, DefectDojo, PlexTrac, ThreadFix, Remedy, etc.).

• Preferred: Knowledge of Threat Modeling and Threat Intelligence Tools (Bitsight, RiskIQ, SecurityScorecard, RecordedFuture, CrowdStrike, RiskRecon, Trellix, etc.)

• Preferred: Understanding of the OWASP Top 10 and SANS Top 20

• Preferred: Programming and scripting experience

• Preferred: Experience and knowledge of network device configuration including Cisco Switches, Routers and Firewalls, PaloAlto Firewalls, Juniper Firewalls and Routers, A10 and F5 Load balancers

Licensing/Certification

• N/A

Physical Abilities

• Ability to perform work duties from [limited space work station/desk/office area] for extended periods of time

• Ability to communicate and interact with others in the English language to meet the demands of the job

• Ability to use a computer and other office productivity tools with sufficient speed and accuracy to meet the demands of the job

Other Qualifications

• Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines

• Must be a U.S. citizen or have authorization to work in the United States as defined by the Immigration Reform Act of 1986

• Must be at least 18 years of age

• Must be able to comply with Company attendance standards as described in established guidelines

Pay & Benefits

Competitive market salary from $124,550 per year to $138,400 per year* depending on qualifications and experience. For eligible Leadership and individual contributor roles, additional bonus opportunities are available and awarded at the discretion of the company.

Benefits youll love:

• Fly for free, as a privilege, on any open seat on all Southwest flights (your eligible dependents too)

• Southwest will help fund your 401(k) retirement savings with Company contributions up to 9.3 of your eligible earnings**

• Potential for annual ProfitSharing contribution in the Southwest Retirement Savings Plan- when Southwest profits, you profit***

• Competitive health insurance for you and your eligible dependents (including pets)

• Southwest offers health plan coverage options that start from the very first day of employment. You will have 30 days to select and enroll in your health plan with coverage retroactively available to your first day of employment.

• Explore more Benefits youll love: https://careers.southwestair.com/benefits

*Pay amount does not guarantee employment for any particular period of time.

**401(k) match contributions are subject to Retirement Savings Plan vesting schedule and applicable IRS limits
***ProfitSharing contributions are subject to Retirement Savings Plan vesting schedule and are made at the discretion of the Company.