Cybersecurity Analyst

VEC AVA In this role, the Analyst will be responsible for assisting in assessing our network to identify and mitigate existing and potential vulnerabilities and exploits. Analysts will work closely with our senior security analysts to monitor, analyze, and respond to potential security incidents, ensuring the confidentiality, integrity, and availability of our network resources.

• Conduct regular vulnerability assessments and penetration tests to identify weaknesses in network infrastructure.
• Assist in analyzing security logs and alerts to detect and reporting potential security incidents to the respective support team.
• Collaborate with cross-functional teams to implement security best practices and mitigate identified vulnerabilities.
• Stay informed about the latest security trends, vulnerabilities, and exploits to proactively address emerging security issues.
• Assist in the development and implementation of security policies, procedures, and controls.
• Leverage Open-Source Intelligence to help secure assets and property on the network.

• Vulnerability Security Researcher (Novice) – Conduct research and analyze emerging cyber threats and vulnerabilities. Has existing knowledge of areas that contain Cybersecurity knowledge or how to search for new areas where information can be found. Able to provide timely intelligence to inform security strategies and Cybersecurity management. This will include oral and written notification to the necessary parties.
• Conduct Vulnerability Assessment (Novice) – Conduct vulnerability scans on various items on the network. Provide timely reports to any stakeholders of the scans and Cybersecurity management. Will be expected to identify vulnerabilities that need to be remediated and provide guidance on potential mitigations for the vulnerabilities. Has conducted a vulnerability assessment in the past on an Application or Operating System in the past. Basic knowledge of the following: Operating Systems, Software packages, networking, ports, protocols and patching procedures.
• Conduct Penetration Test (Novice) – Will be expected to participate in internal penetration testing exercises. This will include providing a detailed write-up of the engagement. Will work with various key stakeholders to report what exactly occurred. Basic knowledge of the following: navigating operating systems, installing software packages, networking, exploits, conducting reconnaissance procedures.
• Escalation/Troubleshooting (Novice) – Will be expected to be a technical resource for any issues that may arise from scanning or assessing applications. They will be expected to report the issue to the necessary parties and follow through until the issue is resolved.
• Consultation (Novice) – Will provide consulting services to VUMC support personnel as designated by VEC SOS leadership. They will operate in both a per directive and per request basis through approved methods. These include, but not limited to approved short-term and long-term initiatives.
• Project Resource (Novice) – Will assist in cybersecurity centric projects for the institution. They will be expected to be assigned to multiple initiatives at the same time. They will be expected to operate in both an independent and team environment executing proper time and resource management skills. Regular reporting cadence with their director is expected.

Organizational Impact: Executes job responsibilities with the understanding of how output would affect and impact other areas related to own job area/team with occasional guidance. Problem Solving/ Complexity of work: Analyzes moderately complex problems using technical experience and judgment. Breadth of Knowledge: Has expanded knowledge gained through experience within a professional area. Team Interaction: Provides informal guidance and support to team members. Supporting Colleagues:- Develops Self and Others: Invests time, energy, and enthusiasm in developing self/others to help improve performance e and gain knowledge in new areas.- Builds and Maintains Relationships: Maintains regular contact with key colleagues and stakeholders using formal and informal opportunities to expand and strengthen relationships.- Communicates Effectively: Recognizes group interactions and modifies one's own communication style to suit different situations and audiences. Delivering Excellent Services:- Serves Others with Compassion: Seeks to understand current and future needs of relevant stakeholders and customizes services to better address them.- Solves Complex Problems: Approaches problems from different angles; Identifies new possibilities to interpret opportunities and develop concrete solutions.- Offers Meaningful Advice and Support: Provides ongoing support and coaching in a constructive manner to increase employees' effectiveness. Ensuring High Quality: - Performs Excellent Work: Engages regularly in formal and informal dialogue about quality; directly addresses quality issues promptly.- Ensures Continuous Improvement: Applies various learning experiences by looking beyond symptoms to uncover underlying causes of problems and identifies ways to resolve them. - Fulfills Safety and Regulatory Requirements: Understands all aspects of providing a safe environment and performs routine safety checks to prevent safety hazards from occurring. Managing Resources Effectively: - Demonstrates Accountability: Demonstrates a sense of ownership, focusing on and driving critical issues to closure.- Stewards Organizational Resources: Applies understanding of the departmental work to effectively manage resources for a department/area.- Makes Data Driven Decisions: Demonstrates strong understanding of the information or data to identify and elevate opportunities. Fostering Innovation:- Generates New Ideas: Proactively identifies new ideas/opportunities from multiple sources or methods to improve processes beyond conventional approaches.- Applies Technology: Demonstrates an enthusiasm for learning new technologies, tools, and procedures to address short-term challenges.- Adapts to Change: Views difficult situations and/or problems as opportunities for improvement; actively embraces change instead of emphasizing negative elements. Relevant Work Experience 2 years Bachelor's