Accelerate your career.

Explore opportunities across TA's portfolio

Staff Vulnerability Management Analyst



Posted on Thursday, June 27, 2024

Who We Are

In today's work environment, employees use a myriad of devices to access IT applications and data over multiple networks to stay productive, wherever and however they work. Ivanti elevates and secures Everywhere Work so that people and organizations can thrive.

While our headquarters is in the U.S., half of our employees and customers are outside the country. We have 36 offices in 23 nations, with significant offices in London, Frankfurt, Paris, Sydney, Shanghai, Singapore, and other major cities around the world.

Ivanti's mission is to be a global technology leader enabling organizations to elevate Everywhere Work, automating tasks that discover, manage, secure, and service all their IT assets. Through diverse and inclusive hiring, decision-making, and commitment to our employees and partners, we will continue to build and deliver world-class solutions for our customers.

Our Culture – Everywhere Work Centered Around You

At Ivanti, our success begins with our people. This is why we embrace Everywhere Work across the globe, where Ivantians and our customers are thriving. We believe in a healthy work-life blend and act on it by fostering a culture where all perspectives are heard, respected, and valued. Through Ivanti's Centered Around You approach, our employees benefit from programs focused on their professional development and career growth.

We align through our core values by locking arms in collaboration, being champions for our customers, focusing on the outcomes that matter most and fighting the good fight against cyber-attacks. Are you ready to join us on the journey to elevate Everywhere Work?

Why We Need You!

Are you an innovative and experienced Lead Compliance Analyst looking for a new challenge? Ivanti is looking for someone who is passionate about compliance and always searching for ways to improve processes for vulnerability management and control management. In this lead role, you will have an opportunity to lead projects in our Vulnerability Management and Continuous Monitoring programs. You will collaborate with our security teams and engineers to implement automation to ensure that we are always compliant with Ivanti security policies and regulatory requirements. If you are proactive, motivated and can work independently, this is an exciting opportunity to be at the forefront of our Continuous Monitoring program and Vulnerability Management improvement plan, while taking advantage of our outstanding health and wellness benefits, equity ownership program, and access to LinkedIn Learning for personal and professional development. Join our team at Ivanti and make a difference in our global technology mission. Apply now!

What You Will Be Doing:

  • Assessing and analyzing security controls to ensure that they are being performed at the required frequency as stated by Ivanti policy and regulatory standards.
  • Developing methods to monitor and measure risk, compliance, and assurance efforts.
  • Providing ongoing compliance optimization and problem-solving support.
  • Providing recommendations for compliance management improvements and upgrades
  • Participating in the design and implementation of the GRC management system.
  • Managing Continuous Monitoring tooling for enhancements and improvements.​
  • Working with the Audit and Risk teams to integrate their needs into the GRC tool​
  • Provide supplemental audit support to the audit team.​

To Be Successful in The Role, You Will Have:

  • A strong knowledge of vulnerability management processes and tools.
  • Experience with performing vulnerability scans and troubleshooting scanning issues.
  • The ability to collaborate with security teams and engineers.
  • An understanding of vulnerability issue prioritization and impact.
  • Knowledge of compliance management concepts and continuous monitoring methodologies.
  • Knowledge of policy control management
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of operational impact of control gaps.
  • Knowledge of industry-standards and organizationally accepted analysis principles and methods.
  • Knowledge of information technology (IT) architectural concepts and frameworks.
  • Knowledge of Risk Management Framework (RMF) requirements.
  • Knowledge of audit Frameworks (FedRAMP, SOC 2, ISO, etc) and principles.
  • Knowledge of system life cycle management principles, including software
  • Knowledge of how to leverage research and development centers, think tanks, academic research, and industry systems.
  • Familiarity with FedRAMP Plan of Action and Milestones (POA&M) creation
  • The ability to lead compliance vulnerability management projects
  • A strong knowledge of hardware and software systems such as Windows and Linux.
  • Knowledge of cloud security platforms, specifically AWS and Azure.

Roadmap for Success:

First 90 Days:

  • Complete new hire training and onboarding requirements.
  • Complete FedRAMP Training
  • Become familiar with and be able to identify areas of improvement for Vulnerability Management and Continuous Monitoring.
  • Become familiar with Vulnerability Management standard operating procedures.
  • Be able to perform Qualys file imports into the FedRAMP Vulnerability Management ticketing tool.
  • Be able to execute weekly Vulnerability scans.
  • Become familiar with the engineering point of contacts.
  • Know how to create tickets from the scan reports in Azure DevOps ticketing system.
  • Know which scans are required for each product.

First 6 Months:

  • Be able to lead and track progress of compliance projects.
  • Be able to lead weekly Vulnerability Management meetings and track issue remediation.
  • Be comfortable working with Product security team to resolve configuration issues.
  • Have a good understanding of cloud security platforms, specifically AWS and Azure.
  • Earned the respect and trust of product security engineers/peers as it relates to his/her control ownership.
  • Demonstrates the ability to lead compliance and vulnerability management projects

First 12 Months:

  • Demonstrates ability to plan and manage projects.
  • Ensures deliverables meet compliance requirements and project plan specifications and deadlines.
  • Can identify needed improvements to the Compliance toolset tool and work with engineers to implement.
  • Can identify/ implement automation opportunities to improve the Vulnerability Management process.

This job posting will remain active until a qualified candidate is identified.

At Ivanti, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Ivanti believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.

If you require special assistance for the best interview experience, please contact us at recruiting@ivanti.com.