Job Information
American Chemical Society TE58P3 Security Analyst - Vulnerability Management in Columbus, Ohio
Description CAS uses intuitive technology, unparalleled scientific content and unmatched human expertise to help companies create groundbreaking innovations that benefit the world. As the scientific information solutions division of the American Chemical Society, CAS manages the largest curated reservoir of scientific knowledge, and for 117 years, has helped innovators mine, assess and apply that information to keep businesses thriving. The CAS team is global, diverse, endlessly curious and strives to make scientific insights accessible to innovators worldwide. CAS is currently seeking a Security Analyst- Vulnerability Management. This position will be located in our headquarters in Columbus, Ohio. Position Summary: This Information Security Analyst supports both ACS and CAS as an enterprise function. The Information Security Analyst is responsible for protecting the organization's information assets by identifying and partnering to remediate vulnerabilities in the environment using industry-leading tools and threat intelligence feeds. This role involves security assessments, analyzing scan reports, and collaborating with various departments to enhance the overall security posture of the organization. This role is responsible for collaborating with business partners to review, assess, and collaborate to remediate vulnerabilities and harden security controls. Job Accountabilities: Regular attendance to your work location on the Columbus campus is a requirement of this role. Proactively works with partners and suppliers to achieve objectives on time and within budget. Takes appropriate actions, when necessary, with partners/suppliers to build enterprise class solutions, respond to issues/threats, and/or communicate to stakeholders all utilizing efficient and effective tools and techniques to mature enterprise information security Program Development: Mature and maintain an effective information security vulnerability management program to identify, assess, and mitigate vulnerabilities in the organization Conduct regular vulnerability scans on networks, servers, managed devices and applications. Identify, analyze, and prioritize vulnerabilities based on risk and potential impact. Use industry-standard tools to perform comprehensive vulnerability assessments. Work with IT and development teams to ensure timely and effective remediation of identified vulnerabilities. Develop and implement remediation plans, tracking progress, and verifying remediation completion. Provide guidance and support to teams on best practices for vulnerability mitigation. Manage and maintain vulnerability management tools and software. Ensure tools are updated and functioning correctly and configure them for optimal performance. Evaluate and recommend new tools or upgrades as needed. Generate detailed vulnerability assessment reports and dashboards for various stakeholders. Document and maintain an inventory of identified vulnerabilities and remediation efforts. Provide regular updates to management on the status of vulnerability management activities. Stay informed about the latest security threats, vulnerabilities, control frameworks, and industry trends. Conduct research on new vulnerabilities and emerging threats relevant to the organization. Participate in security forums and collaborate with external security experts. Ensure vulnerability management practices comply with industry standards and regulatory requirements. Develop, update, and enforce vulnerability management policies and procedures. Support internal and external assessments related to vulnerability management and security compliance. Following industry and company best practices Collaborate in implementation of security controls aligned to the Enterprise Information Security strategy Actively engages in the greater information security and privacy community (e.g. peer groups, se