Vulnerability Management Analyst

About the Job

Vulnerability Management Analyst

Salary Range: $83,000 - 97,000 (depending on experience)

• The University of Minnesota is committed to fostering local talent through employment opportunities. While this position utilizes a predominantly remote work modality, prospective applicants must be located either in the state of Minnesota or near the Wisconsin border or otherwise open to relocation.

• Please note, this position is not eligible for H-1B or Green Card sponsorship.

At the University of Minnesota, we are dedicated to changing lives through education, research, and outreach. The University Information Security department (UIS) offers an environment of trust, collaboration, and mission-focused work. We seek an individual who will be responsible for providing guidance and support to the broader University IT community in detecting and addressing security vulnerabilities. This position will manage University vulnerability management tools and provide risk-based prioritization and consultative support to IT staff detecting and remediating security vulnerabilities to maintain compliance with information security policy.

Job Responsibilities:

• Implement and maintain the University-wide vulnerability management program.

• Develop and manage remediation activities by ensuring departments mitigate vulnerabilities in a timely manner based on risk.

• Help define vulnerability analysis, resolution strategy, and provide input to mitigation proposals.

• Initiate scans and other testing mechanisms as needed.

• Analyze root causes and propose feasible technical solutions to manage exposure to vulnerabilities.

• Primary responsibility for administering vulnerability management tools .

• Prioritize and design various vulnerability management tool functions and features.

• Build integration and automation for vulnerability management tasks.

• Develop metrics to measure the effectiveness of the vulnerability management program and mitigation strategies.

• Evaluate and implement technical options for enhanced visibility and decision-making by stakeholders at multiple levels.

• Interface, influence, and engage the University's IT community to promote vulnerability management across various levels of the organization.

• Provide guidance to comply with University policy and other relevant frameworks.

• Document, manage, and perform auditable procedures.

• Maintain strong knowledge of vulnerability management best practices and familiarity with relevant frameworks (CVSS, OWASP Top 10).

• Escalate security issues where appropriate.

The University of Minnesota is an Equal Opportunity Educator and Employer.

Qualifications

• Please document qualifications on resume

Required Qualifications:

• Bachelor's degree and 2 years of relevant work experience or Master's degree

• Demonstrated experience in one or more of the following:

➢ Vulnerability Management

➢ Systems Administration

➢ Other central information security related processes or tools (ex. DR/BCP, Configuration Management, Endpoint Device Management)

• Experience collaborating with diverse teams

• Current technical knowledge and understanding of threats, emerging threats, and vulnerabilities.

• Ability to aggregate and analyze data and provide summaries of the data.

• Demonstrated ability to manage projects and/or programs, including prioritization of efforts.

• Excellent communication (oral, written, presentation), interpersonal, and consultative skills.

Preferred Qualifications:

• Strong understanding of vulnerability management best practices and familiarity with relevant frameworks (CVSS, OWASP Top 10).

• Experience with vulnerability management governance structures in a large/decentralized organization.

• Knowledge or experience with relevant information security and regulatory frameworks such as CIS, PCI, HIPAA, NIST, CMMC

• One or more relevant security related certifications (e.g. GSEC, Security+).

• Coding/scripting experience (e.g. python, powershell, etc.).

• Experience with deployment, maintenance and use of vulnerability scanning and testing tools (Rapid7, Tenable, Qualys or others).

• Demonstrated process improvement and/or process design experience, including supporting technical documentation

• Strong analytical problem solving skills.

• Takes on the challenge of unfamiliar tasks and experiments to enhance learning

Benefits

Working at the University

At the University of Minnesota, you'll find a flexible work environment and supportive colleagues who are interested in lifelong learning. We prioritize work-life balance, allowing you to invest in the future of your career and in your life outside of work.

The University also offers a comprehensive benefits package that includes:

• Competitive wages, paid holidays, and generous time off

• Continuous learning opportunities through professional training and degree-seeking programs supported by the Regents Tuition Benefit Program

• Low-cost medical, dental, and pharmacy plans

• Healthcare and dependent care flexible spending accounts

• University HSA contributions

• Disability and employer-paid life insurance

• Employee wellbeing program

• Excellent retirement plans with employer contribution

• Public Service Loan Forgiveness (PSLF) opportunity

• Financial counseling services

• Employee Assistance Program with eight sessions of counseling at no cost

• Employee Transit Pass with free or reduced rates in the Twin Cities metro area

Please visit the Office of Human Resources website for more information regarding benefits.

How To Apply

Applications must be submitted online. To be considered for this position, please click the Apply button and follow the instructions. You will be given the opportunity to complete an online application for the position and attach a cover letter and resume.

Additional documents may be attached after application by accessing your "My Job Applications" page and uploading documents in the "My Cover Letters and Attachments" section.

To request an accommodation during the application process, please e-mail employ@umn.edu or call (612) 624-8647.

Diversity

The University recognizes and values the importance of diversity and inclusion in enriching the employment experience of its employees and in supporting the academic mission. The University is committed to attracting and retaining employees with varying identities and backgrounds.

The University of Minnesota provides equal access to and opportunity in its programs, facilities, and employment without regard to race, color, creed, religion, national origin, gender, age, marital status, disability, public assistance status, veteran status, sexual orientation, gender identity, or gender expression. To learn more about diversity at the U: http://diversity.umn.edu

Employment Requirements

Any offer of employment is contingent upon the successful completion of a background check. Our presumption is that prospective employees are eligible to work here. Criminal convictions do not automatically disqualify finalists from employment.

About the U of M

The University of Minnesota, Twin Cities (UMTC)

The University of Minnesota, Twin Cities (UMTC), is among the largest public research universities in the country, offering undergraduate, graduate, and professional students a multitude of opportunities for study and research. Located at the heart of one of the nation's most vibrant, diverse metropolitan communities, students on the campuses in Minneapolis and St. Paul benefit from extensive partnerships with world-renowned health centers, international corporations, government agencies, and arts, nonprofit, and public service organizations.

At the University of Minnesota, we are proud to be recognized by the Star Tribune as a Top Workplace for 2021, as well as by Forbes as Best Employers for Women and one of America's Best Employers (2015, 2018, 2019, 2023), Best Employer for Diversity (2019, 2020), Best Employer for New Grads (2018, 2019), and Best Employer by State (2019, 2022).