*Cyber Vulnerability Specialist

Zurich Services (Schaumburg, IL) seeks a Cyber Vulnerability Specialist to plan and carry out security measures to protect Zurich’s computer networks and systems. Specific duties include:

1. Collaborating with other security teams, such as incident response, threat intelligence, and 3rd party vendors to coordinate vulnerability management efforts and ensure timely resolution of identified vulnerabilities (15%);
2. Participating in supplier assurance management and identifying gaps in services provided leading to identification of areas for improvement (10%);
3. Providing technical expertise on aspects of the organization's IT security to internal customers, advising them of appropriate actions to fulfill procedural and regulatory requirements or solve immediate problems (30%);
4. Preparing draft manuals based on the accepted changes to IT policies and procedures, to ensure they are up-to-date and reflect the new cyber security policies, and that internal partners and external suppliers are in line with service level agreements, risk and compliance (5%);
5. Acting as a technical expert in vulnerability management, conducting process reviews and initiating change in order to contribute to continuous improvement of services to internal customers (25%);
6. Assisting cyber security projects to identify and align business and technical security requirements, design security controls, and test their effectiveness ensuring the product implemented addresses both business and security needs (10%);
7. Recognizing legal, regulatory and ethical requirements within own area of responsibility and applies adoption of requirements, ensuring minimum baseline compliance (5%).

Position requires CompTIA Security Analytics Professional (CSAP) and AWS Cloud Technical Essentials certifications. Option to work remotely from anywhere in the U.S.

Position requires a Bachelor’s degree, or foreign equivalent, in Computer Science, or a closely related field of study, plus 5 years of experience in the job offered, or as a Cyber Security Analyst, or similar position planning and carrying out security measures to protect computer networks and systems. Must have 5 years of experience in cybersecurity or security governance with a focus on vulnerability management. Must also have 3 years of experience with each of the following:

1. Developing and implementing vulnerability management programs;
2. Conducting vulnerability assessments;
3. Configuring operational and administration related parameters such as roles and permissions, user attributes regions, or activity patterns;
4. Identifying, categorizing, prioritizing, and resolving vulnerabilities in IT infrastructures;
5. Handling real-time and near real-time threat intelligence feeds;
6. Working with common cybersecurity frameworks including CIS;
7. Working with intrusion detection and prevention systems.

Additionally, specific experience must include working with each of the following:

1. Qualys;
2. Wireshark;
3. Nmap;
4. ServiceNow;
5. Risk assessment;
6. Mitigation and remediation strategies;
7. Incident response;
8. Cybersecurity reporting;
9. Cloud computing platforms including AWS, Azure, and GCP.

Must be certified CompTIA Security Analytics Professional (CSAP) and AWS Cloud Technical Essentials. Option to work remotely from anywhere in the U.S.

Full time position. Apply by submitting your resumes at Zurichna.com/en/careers, Job ID: 122008.

Zurich maintains a comprehensive employee benefits package for employees as well as eligible dependents and competitive compensation.

Zurich in North America is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.