Vulnerability Assessment Analyst 4 - VAAN4

Lancesoft

Atlanta, GA

Apply

JOB DETAILS

SALARY

$60

SKILLS

(XSS) Cross Site Scripting, Analysis Skills, Application Programming Interface (API), Applications Security, Bash Scripting, Business Skills, Cloud Computing, Communication Skills, Computer Science, Computer Security, Continuous Deployment/Delivery, Continuous Integration, Cross-Functional, Detail Oriented, DevOps, Docker, Enterprise Protection, Establish Priorities, Identify Issues, Injections, Internet Security, Linux Operating System, Microsoft Windows Operating System, Multitasking, Operating Systems, Penetration Testing, Perl Programming Language, Presentation/Verbal Skills, Python Programming/Scripting Language, Quality Assurance Methodology, Risk, Risk Analysis, Risk Management, Safety/Work Safety, Scripting (Scripting Languages), Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Simulation, Software Development, Time Management, Trend Analysis, Unix Operating Systems, Willing to Travel, Windows PowerShell, Writing Skills

LOCATION

Atlanta, GA

POSTED

15 days ago

Vulnerability Analyst

Birmingham, AL 35203 / Atalanta GA 30308

12 months

Pay Rate: $60.00/hr - $67.50/hr

Position Overview:

Seeking a passionate Container Security & Exposure Management Analyst to support its Cybersecurity organization in a highly technical, hands-on role focused on containerized and cloud-native environments.
This position is responsible for continuously identifying, validating, and assessing security exposures across enterprise systems, with particular emphasis on Openshift, Kubernetes, Docker, container runtimes, orchestration platforms, and the supporting infrastructure that enables modern application delivery.
The analyst will support day-to-day CTEM operations by validating exposure paths, confirming real world exploit potential, and helping the organization better understand how vulnerabilities could impact containerized workloads, images, clusters, nodes, registries, pipelines, and dependent services.
This role will translate hands-on platform knowledge into practical recommendations that reduce exposure and improve the security posture of containerized environments.

Qualifications:

Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience
2+ years in container platform engineering, DevSecOps, application development, offensive security, penetration testing, or adversarial threat simulation
Demonstrated expertise standing up, supporting, securing, or troubleshooting containerized environments such as Kubernetes, Docker, OpenShift, AKS, EKS, GKE, or similar platforms
Ability to assess vulnerabilities in container images, base images, package dependencies, Kubernetes manifests, Helm charts, admission controls, container runtimes, and cluster configurations
Working knowledge of container security controls and hardening practices, including image scanning, least privilege, non-root containers, secrets handling, network policies, RBAC, pod security standards, and runtime monitoring
Strong understanding of how applications interact with underlying infrastructure, including operating systems, containers, container registries, orchestration platforms, service meshes, cloud services, and CI/CD pipelines
Proficiency in scripting languages (Python, PowerShell, Bash;PERL a plus).
Knowledge of vulnerability management, attack surface management, cloud security posture management, container security posture management, and exposure management concepts
Familiarity with OWASP testing methodologies and common application/system vulnerabilities.
Understanding of system and application security threats and vulnerabilities (e.G., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)
Understanding and familiarity with different operating systems (e.G., Windows and LINUX/UNIX systems)
Experience with SIEM platforms for detection validation and log analysis.
Excellent communication skills for translating technical findings into business risk narratives.
Ability to think like an attacker—creative, persistent, and detail-oriented in identifying weaknesses.
Ability to thrive in a fast-paced environment, demonstrating adaptability and flexibility in response to changing priorities and emerging threats.
Experience driving discussions and consensus across a broad group of stakeholders and cross functional teams regarding security recommendations and mitigation strategies.
Demonstrates strong critical thinking and curiosity, essential for effectively analyzing and addressing security threats and vulnerabilities.

Job Responsibilities:

Leverage hands-on knowledge of containerized environments to evaluate vulnerabilities, determine potential impact to workloads and supporting platforms, and escalate validated risks to appropriate remediation owners.
Support day-to-day operations of the exposure management program, including data review, report processing, and trend analysis. Track remediation of identified risks and mitigation strategies and escalate findings to key stakeholders.
Analyze potential security risks, determine applicability to containerized and traditional environments, and conduct attack path mapping to ensure the highest risk exposures are being addressed first.
Assess Kubernetes and Docker-related exposures, including vulnerable images, excessive privileges, insecure runtime settings, weak RBAC, exposed APIs, misconfigured network policies, secrets exposure, and insecure deployment patterns.
Partner with platform, infrastructure, application, and DevOps teams to recommend practical mitigations that reduce exposure without unnecessarily disrupting application delivery or operational reliability.
Provide actionable insights and offensive-driven recommendations to harden systems, container images, workloads, clusters, pipelines, and supporting infrastructure to reduce attack surface.
Maintain situational awareness of the threat landscape, including zero-days, CVEs, and novel exploitation methods.
Partner with stakeholders to prioritize remediation based on risk exposure and potential adversary gap.
Collaborate with peers from across the organization and maintain excellent working relationships with key partners across Technology Organization functions and business partners.
Demonstrate Southern Company values of Safety First, Intentional Inclusion, Superior Performance, and Act With Integrity

Job Requirements:

Required to submit to a thorough background examination
Ability to understand business requirements and present appropriate solutions
Ability to work independently or within a team
Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
Solid verbal and written communication skills
Demonstrated critical, independent thinking;demonstrated ability to conceive and present creative solutions
Must pass NERC CIP & Insider Threat Protection background checks
One or more relevant industry certifications preferred (i.E., CKS, CKAD, CKA, OSCP, CEH, GSEC, CISSP, CISA)
Occasional travel to local and regional locations in pursuit of job duties and requirements

About the Company

Lancesoft

We are a $125 Million, NMSDC-certified Minority & Woman owned Workforce Solutions Company headquartered in the DC metro area with presence across US with global presence - Canada, Mexico, India, UK, Malaysia, Indonasia, Hongkong, Singapore, UAE. We are specialized in providing Workforce Solutions, SOW project delivery, Engineering Solutions, Creative Services. We currently support 100+ Fortune companies globally and across multiple industry segments. We are currently supporting several massive programs across industry segment nationally/globally (Intel, Ally, AMD, QUALCOMM, Morgan Stanley, Kraft/ Mondelez, MNP, Amdocs, Dell, SanDisk, Medtronic, Becton Dickinson, GE, Lockheed Martin, UTC, L-3 Communications, Caterpillar, BMW, Mercedes Benz, National Grid, Dominion, Energy Future Holdings, PSEG, 3M, Fidelity, Aetna, Humana, Johnson & Johnson, Pfizer, Merck etc).

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, identity, national origin, disability, or protected veteran status.

COMPANY SIZE

2,000 to 2,499 employees

INDUSTRY

Staffing/Employment Agencies

FOUNDED

2000

WEBSITE

http://www.lancesoft.com/

Resume Resources

Free Resume Templates Free Resume Builder