Cyber Security Analyst II

The duties of the analyst includes managing and optimizing our vulnerability and patch management process. Your mandate will include the proactive identification and efficient monitoring and remediation of security vulnerabilities across our entire IT landscape. You will collaborate closely with cross-functional teams across the Americas platform and with Head Office to develop and implement robust patch management strategies and processes. In this consulting engagement, you will drive daily operations, lead initiatives to enhance our Americas CIB Vulnerability Patch Management program and provide expert guidance. You will be responsible for developing and presenting key performance indicators (KPIs), adapting to key risk indicators (KRIs), and advancing the program through a sophisticated, risk-based approach. Your strategic recommendations and execution will be crucial in focusing remediation efforts and providing clear insights to key stakeholders.

The Vulnerability Patch Management analyst will

• Drive the full vulnerability patch management lifecycle: identification, prioritization, and remediation for all infrastructure, systems, applications, and SDLC.
• Deliver consistent, high-quality VPM reporting to leadership and relevant teams.
• Collaborate extensively with IT stakeholders across the Americas, Head Office, and international platforms.
• Assess vulnerability impact and risk levels to inform strategic remediation.
• Prioritize patch deployments and manage SLA breaches, developing and executing follow-up plans.
• Design and enhance VPM procedures and processes.
• Participate in vulnerability assessments and track software/system updates.
• Strengthen compliance and adherence to security best practices and approved tools.
• Liaise with Second Line of Defense and auditors.
• Coordinate the development and maintenance of a comprehensive patch management strategy.
• Assist IT teams with timely vendor patch acquisition and deployment.
• Monitor and report on patch management effectiveness, implementing improvements.
• Stay current on industry best practices and emerging threats.
• Provide backup support for cybersecurity projects, incidents, and audit remediation.
• Be available for off-hours support as needed to address emergent threats.

• Proven experience in vulnerability management, patch management, or related security roles with oversight of Plans of Action and Milestones (POAM).
• Strong understanding of common security vulnerabilities and the ability to assess their impact on systems and infrastructure.
• Experience with vulnerability management and SIEM tools.
• Familiarity with security, IT Audit frameworks and standards (NIST. FFIEC handbooks etc.)
• Excellent communication and collaboration skills for management presentation materials and ability to work effectively with cross-functional teams.
• Experience on reporting and analysis tools is required - PowerBl, Advanced Excel/PowerQuery.

• Bachelor's degree in computer science, Information Security, Cyber Security, or related field.
• Relevant certifications such as CISSP, CRISC, CISM, SECURITY or equivalent are a plus

Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.

Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.