21 days ago
Information Security Analyst - Vulnerability Management
Milliman
Hybrid
Full Time
$110,000
Hybrid
Job Overview
Job TitleInformation Security Analyst - Vulnerability Management
Job TypeFull Time
Offered Salary$110,000
LocationHybrid
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.

Job Description
Information Security Analyst - Vulnerability Management
Milliman is seeking an Information Security Analyst specializing in Vulnerability Management to join their GCS IS team. This role is crucial for contributing to physical and technical information security best practices, and will involve consulting with local offices to implement network and application security procedures. The position reports to the Information Security Manager in India.
Duties and Responsibilities
- Act as a key member of the GCS IS Ethical Hacking & Data Protection Team.
- Conduct regular vulnerability assessments using industry-standard tools such as Qualys and Nessus.
- Analyze scan results, prioritize vulnerabilities based on risk, and coordinate remediation efforts with IT and development teams.
- Maintain and improve the vulnerability management lifecycle, encompassing scanning, reporting, tracking, and verification.
- Monitor threat intelligence feeds and correlate internal findings to assess potential impact.
- Develop and maintain dashboards and metrics to report on vulnerability trends and remediation progress.
- Assist in the development and enforcement of security policies, standards, and procedures.
- Stay updated on information security threats and countermeasures, advising technical staff accordingly.
- Participate as a member of the GCS Cyber Security Incident Response Team (CSIRT) as needed to consult on compromise vectors or the cyber kill chain.
Required Skills & Attributes
- Experience with vulnerability management tools like Qualys VMDR, Cloud Agents, and Nessus Professional.
- Demonstrated skills in the Vulnerability Management lifecycle, including vulnerability scanning, remediation, and validation.
- Proficiency with vulnerability scanning tools and interpreting CVSS scores.
- Strong knowledge of operating systems (Windows, Linux), networking, and cloud environments (Azure, AWS).
- Understanding of scanning cloud services (Azure, AWS) environments.
- Strong English verbal and written communication skills, with the ability to clearly document and communicate vulnerabilities to network administrators, asset owners, and key stakeholders.
- Strong ability to work effectively in a team and collaborate across multiple time zones.
Required Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 5+ years of experience in vulnerability management or a related cybersecurity role.
- Familiarity with regulatory and compliance frameworks such as ISO 27001, NIST, and PCI-DSS.
Preferred Skills & Attributes
- One or more relevant certifications (e.g., CISSP, CEH, CompTIA Security+, Qualys VMDR).
- Ability to interpret information security data and processes to identify potential compliance issues.
- Strong decision-making and problem-solving skills, with the ability to clearly define and resolve issues.
- Assertive and proactive in identifying and resolving issues and concerns.
- Excellent time management skills, including the ability to prepare, prioritize, and complete work plans.
- Ability to work with geographically diverse offices in a global organization, with a willingness to work offset hours occasionally to accommodate time zones.
Key Skills/Competency
- Vulnerability Management
- Ethical Hacking
- Data Protection
- Qualys
- Nessus
- CVSS
- Network Security
- Cloud Security
- Incident Response
- Risk Assessment
How to Get Hired at Milliman
- Tailor your resume: Highlight your experience with vulnerability management tools like Qualys and Nessus, and quantify your achievements in vulnerability lifecycle management and risk assessment.
- Showcase technical skills: Emphasize your proficiency in operating systems, networking, cloud environments (Azure, AWS), and interpreting CVSS scores.
- Demonstrate collaboration: Provide examples of your ability to communicate complex technical information clearly to diverse stakeholders and work effectively across time zones.
- Prepare for technical questions: Be ready to discuss your experience with vulnerability scanning, remediation strategies, and your understanding of security frameworks like NIST and ISO 27001.
- Highlight certifications: If you hold relevant certifications such as CISSP, CEH, or CompTIA Security+, ensure they are prominently featured on your application.
Frequently Asked Questions
Find answers to common questions about this job opportunity
01What are the primary responsibilities for an IS Analyst- Vulnerability Management at Milliman?
02What technical skills are essential for the IS Analyst- Vulnerability Management role at Milliman?
03What kind of experience does Milliman require for this Information Security Analyst position?
04How does Milliman handle collaboration across different time zones for this role?
05Are there any preferred certifications for the IS Analyst- Vulnerability Management role at Milliman?
06What is the career path for an IS Analyst- Vulnerability Management at Milliman?
07How does Milliman's IS Analyst- Vulnerability Management contribute to the company's overall security posture?
Explore similar opportunities that match your background