Skip to main content

Not ready to apply? Join our Global Talent Network.

Job Description

Senior Information Security Vulnerability Analyst

Apply Now
Oeiras, Portugal Full time R1371665

Oeiras, Portugal| Portugal

Job description

Location: Portugal

Work model: Hybrid (1 day per week in the office)

This is one of a key cybersecurity role within the global Information Security organization. 
The individual fulfilling this Senior Vulnerability Analyst role will partner closely with IT professionals both within the core CIO organization and those in the Global Business Units performing assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.

RESPONSIBILITIES

  • Delivering on a portfolio of tasks as part of Vulnerability Management Service
  • Supporting the VMS team in vulnerability scanning and other ad hoc testing, identifying and evaluating vulnerabilities in web applications and infrastructure
  • Conducting comprehensive vulnerability assessment and continuous monitoring across IQVIA
  • Apply IQVIA’s vulnerability ratings to externally rated vulnerabilities to help the business prioritize remediation
  • Support the business lead vulnerability remediation activities
  • Maintain an oversight of existing vulnerabilities in the IQVIA estate
  • Develop and maintain a solid understanding of the IQVIA Integrated Information Security Framework and industry best practice and frameworks
  • Develop and document operational procedures and metrics in relation to carried out activities
  • Utilize information security technical safeguards and associated procedures, analyzing output and producing relevant management information reports for further improvements in the security safeguards landscape, including vulnerability assessment, threat intelligence and patching
  • Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions
  • Collaborate with the business, CIO teams and CAPA management to ensure that control deficiencies are registered and remediated
  • Reporting regularly to management on the status of assigned activities including issues, risks and remediation actions.

 All responsibilities are essential job functions unless noted as nonessential (N).

REQUIRED KNOWLEDGE, SKILLS AND ABILITIES

  • Generic knowledge of how Internet works (protocols, services, ports, connections, devices, ISO/OSI layers
  • Knowledge of industry tools for security scanning and vulnerability management solutions (Qualys, Tenable Nessus or Nexpose)
  • Working knowledge of enterprise IT and cloud technologies such as networking, server infrastructure, operating systems (MS Windows and Linux), web applications and databases (MSSQL)
  • Working knowledge of cybersecurity principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
  • Knowledge of IT processes (SDLC, ITIL) in regulated environments
  • Experience in Cyber Security, Vulnerability Management and/or security testing
  • Excellent written and verbal communication skills
  • Effective organization and time management skills
  • Ability to write with purpose, clarity and accuracy
  • Ability to work both within a team environment and independently to initiate and prioritize tasks
  • Ability to establish and maintain effective working relationships with coworkers and management in a global environment.
  • Hands-on experience in security testing of web applications and infrastructure is a plus
  • Know-how of scripting languages is a plus
  • Experience in ServiceNow is a plus

MINIMUM REQUIRED EDUCATION AND EXPERIENCE

  • Candidate should have a minimum of 3 years Information Security or Vulnerability management experience or 3 years in a relevant Information Security role; or equivalent combination of education, training and experience
  • Candidates should possess an Associates or Bachelor's degree, and preferably have experience within a regulated industry environment
  • An ITIL or project management certificates are not required but beneficial.
  • A relevant qualification: CompTIA Security, CASP+, CEH, GIAC (GSEC, GCED etc.), SSCP or similar is a plus

IQVIA is a leading global provider of advanced analytics, technology solutions and clinical research services to the life sciences industry. We believe in pushing the boundaries of human science and data science to make the biggest impact possible – to help our customers create a healthier world. Learn more at https://jobs.iqvia.com

Apply Now

LEARN ABOUT HOW WE WORK

Learn About How We Work

Similar Jobs

See More Jobs

Join our Global Talent Network

Let’s stay connected. Sign up to receive alerts when new opportunities become available that match your career ambitions.

Join our network

Fortune World's Most Admired Company 2024
AI Breakthrough Award 2023
HTDA 2022
Brandon Hall Group
Leadership Silver
Brandon Hall Group
ABA23 Bronze Winner
IDC MarketScape
Pharma Voice 100
HBA - Health Businesswomen's Association
Universum China Emblem 2023
LinkedIn UK top companies
Oxford Internship Office Partner 2022
ADCM Award
Bronze - 2021 Stevie Winner - American Business Awards
Flex Jobs 2021 Top 100 Remote Work Company to Watch
Forbes America best management consulting firms
CRO Leadership Award 2020