A vulnerability management/risk analyst is an advanced, hands-on practitioner and representative of the cybersecurity defense team. The role is technical, and candidates must possess a solid understanding of information security and preferably have held positions in cybersecurity and systems administration. The role also requires an understanding of business and governance process. Vulnerability management analysts are responsible for the overall management lifecycle of the program. They must understand applications, operating systems, networking, cloud infrastructure and basic attacker tactics, techniques, and procedures (TTPs). Additionally, analysts are expected to maintain a high level of rigor to stay up-to-date with advancements in technology, while also retaining knowledge of older systems and applications in use.


*This position will be hired at the Infrastructure Administrator, System Administrator, or Senior System Administrator level.


** This position is eligible to work hybrid (9 or more days a month onsite) in accordance with our Telecommuting Policy. Applicants must reside in Kansas or Missouri or be willing to relocate as a condition of employment.



Are you ready to make a difference? Choose to work for one of the most trusted companies in Kansas.




Why Join Us?

• 
  Family Comes First: Total rewards package that promotes the idea of family first for all employees.


• 
  Dynamic Work Environment: Collaborate with a team of passionate and driven individuals.


• 
  Trust: Work for one of the most trusted companies in Kansas


• 
  Flexibility: options to work onsite, hybrid or remote available


• 
  Inclusive Work Environment: We pride ourselves on fostering a diverse and inclusive workplace where everyone is valued and respected.

• Blue Cross and Blue Shield of Kansas offers excellent competitive compensation with the goal of retaining and growing talented team members. The salary range for this role is a good faith estimate, it is estimated based on what a successful candidate might be paid. All offers presented to candidates are carefully reviewed to ensure fair, equitable pay by offering competitive salaries that align with the individual's skills, education, experience, and training. The range may vary above or below the stated amounts.

• Communicate directly with all areas of the company regarding vulnerabilities and risk and work together to find a resolution.


• Lead monthly patch management meetings and follow up meetings ensuring patches for servers and endpoints are being implemented.


• Prioritize vulnerability remediation based on criticality, exploit probability, rating and business risk exposure.


• Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization's security posture against them.


• Serve as a point of contact for new and existing vulnerability-related issues.


• Manage vulnerabilities across applications, endpoints, databases, networking devices, and mobile, cloud and third-party assets.


• Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation.


• Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.

• High school diploma/GED requited. Bachelor Degree or completion of a Computer Science Program from a Technical Trade School is preferred.


• Minimum of two years' experience in I.T. infrastructure and/or application development is required.

• Security related certifications such as OSCP, CISSP, CRTP, GCTI, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CEH, Security+ also preferred.


• Preferred applicants will have hands-on work in technologies such as: Vulnerability Scanners, Pen Testing tools, Cyber Security Rating tools, Network Detection and Response (NDR), Third Party Risk Assessment Tools, and Firewalls

• Base compensation is only one component of your competitive Total Rewards package
  
  
  • Incentive pay program (EPIP)
  
  
  • Health/Vision/Dental insurance
  
  
  • 6 weeks paid parental leave for new mothers and fathers
  
  
  • Fertility/Adoption assistance
  
  
  • 2 weeks paid caregiver leave
  
  
  • 5% 401(k) plan matching
  
  
  • Tuition reimbursement
  
  
  • Health & fitness benefits, discounts and resources