The Cervantes Group

Hardening Compliance Analyst

Role description

The Hardening Compliance Analyst will work with the team to help approve the process to measure hardening compliance across various US-based entities. This person will support the team to understand hardening compliance gaps by setting up the initial configurations of the compliance measurement tool, creating new compliance measurement profiles and setting up the reports templates needed. The ideal person is very comfortable assisting the Security teams in consolidating the way/tool used to measure hardening compliance.


Job Duties:

  • Assess hardening compliance gaps identified by the hardening compliance scans and evaluate, rate and perform risk assessments on assets by creating new report templates.
  • Prioritize remediation of gaps discovered along with remediation timeline(s) and work with associated teams to explain gaps and remediation steps as required.
  • Create reports and provide analysis on gaps for technical teams and leadership.
  • Collaborate with upper management and technical teams to help create strategy and technical design to configure and install Policy Compliance Qualys module.
  • Provide crucial insights into the most pressing issues and suggest how to prioritize security resources while monitoring for and detecting security events utilizing Qualys.
  • Evaluate, rate and perform risk assessments on assets in addition to reviewing alerts escalated by end users and perform initial triage of incoming issues.
  • Document, investigate and notify appropriate contact for security events and response while participating in the resolution of events, even after they are escalated.
  • Monitor health alerts and downstream dependencies in addition to providing limited response to end users for low complexity security events and reviewing false positive with the various Security teams to tune and provide feedback to improve accuracy of the alerts.


Required Qualifications & Experience:

  • Bachelor’s Degree is required
  • Bilingual in both English/Spanish (strong written & verbal skills) is a must
  • 2-3+ years’ experience of vulnerability management/hardening compliance is required
  • 2+ years’ experience using Vulnerability Management & analysis using tools such as Qualys, Nessus, Rapid7, QRadar, etc., is required
  • General network knowledge, TCP/IP, Internet Routing, UNIX / LINUX & Windows OS
  • Strong understanding of vulnerability scanning and reporting


Pluses (not required but preferred experience) include:

  • Previous experience as a Systems Admin hardening Windows/Linux systems


Latest jobs

The Cervantes Group MX

Client Delivery Advisor | Global Solutions

April 30th, 2024
Boston
Full-time

We are looking for a highly customer-centric individual with excellent sales, business development and relationship management skills who enjoys working through challenges and Agile environments. As a Client Delivery Advisor you will be responsible for creating and nurturing partnerships and relationships with candidates, our consultants and customers. The Client Delivery Advisor reports directly to the Director of Global Accounts and primary responsibilities include identifying, interviewing and closing the hiring of qualified candidates with our clients, for positions within a wide range of consultancy services we are providing. The ideal person would have experience fulfilling Recruiting and/or Business Development roles within technology consulting and turnkey solutions (managed/professional services). 


The Cervantes Group

Solutions Architect

February 4th, 2024
Boston
Full-time

The Solutions Architect will drive operational strategies and plans for Digital business unit and will be managing strategic Commercial Banking Architecture platforms, apps, and systems. This person will communicate with Sr. leadership influencing business decision making and ensure compliance with the organization's technology standards. Work with internal business groups on implementation opportunities, challenges, and requirements of various applications. The ideal person for this role can participate in planning, technical design & blueprinting, roadmapping, and stakeholder management within ePMO and Enterprise Architectural settings for innovative digital solution development.


C3 S.A. Inc

Data Migration Engineer

February 4th, 2024
Remote
Full-time

The Data Migration Engineer manages migration of large-scale and complex data systems from one source system to another. Responsible for analyzing data to be migrated, transforming data according to customer requirements, and ensuring the integrity of the data. This person will formulate data migration plans and strategies and provide expert knowledge to internal integration engineers and external customers. This person regularly meets with internal and external stakeholders to assess data migration needs, evaluate existing systems, document data migration requirements, and implement appropriate data migration solutions. Coordinates and reviews work with other engineers, tests and approves deliverables prior to deployment.


The Cervantes Group

Cloud SysOps Administrator

February 4th, 2024
Remote
Full-time

The Cloud SysOps Administrator will ensure smooth execution of deployments in Production through pipelines and Atlassian Tools within the AWS cloud environment. This person will primarily be focused on ensuring releases are in place and without any incident involved and provide production support when necessary. Work with SRE and Observability Engineering to provide and analyze historical data to mitigate potential future incidents and identify users for active monitoring of problem resolution processes.