Associate Vulnerability Analyst

Triskele Labs are one of the leading providers of cybersecurity services in Australia. We assist clients to reduce their risk of a cyber compromise through the delivery of risk-considered controls.

Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore. We have a goal of growing through build and acquisition, not selling out and becoming another one of the numbers.

The Vulnerability Associate is an entry-level role responsible for supporting the vulnerability management program within the Security Operations Center. Under guidance, the associate will conduct vulnerability scans, manage vulnerability management tools, assist with reporting, and help maintain the client infrastructure database. This role is ideal for someone looking to start their career in cybersecurity within a professional and supportive environment.

**Requirements**:
**Vulnerability Scanning & Management**:

- **Vulnerability Scans**: Conduct vulnerability scans using tools (e.g., Nessus, Qualys) under the guidance of senior team members to identify security weaknesses.
- **Ticketing**: Document and create tickets for vulnerability scan results to initiate remediation actions and track progress.
- **Toolset Management**: Ensure operational status of vulnerability management tools, collaborating with internal teams and clients for updates and changes as needed.
- **IVM Dashboard Management**: Create and manage the Integrated Vulnerability Management (IVM) dashboard to provide visibility into vulnerability status and trends.

**Client Interaction & Change Management**:

- **Change Management**: Work with clients and internal teams to implement security changes following established change control procedures.
- **Infrastructure Database Maintenance**: Maintain the client infrastructure database to allow targeted security advisories and updates.
- **Security Advisories Assistance**: Assist in creating and releasing security advisories to inform clients about critical vulnerabilities and emerging threats.

**Reporting & Health Checks**:

- **Monthly Reporting**: Gather and enter data to support monthly vulnerability reporting processes.
- **Health Checks**: Perform daily checks across client environments to ensure scanning accuracy and tool functionality.

**Process Improvement & Compliance**:

- **Process Improvement**: Identify and suggest improvements to internal processes and Standard Operating Procedures (SOPs) related to vulnerability management.
- **Compliance**: Ensure all vulnerability management activities comply with internal policies and industry standards.

**Training & Development**:

- **Training & Certification**: Complete relevant training and certifications to develop expertise in vulnerability management and cybersecurity.
- **Continuous Learning**: Actively seek opportunities for ongoing professional development within the cybersecurity field.

**Benefits**

Team culture is everything to Triskele Labs and it is the reason we exist.
We provide our team a great range of additional benefits such as:

- Additional days of leave for 'Birthday Leave' and 'Doona Day'
- Access to a professional external Employee Assistance Program (EAP) for all team members
- Social functions organised by our People & Culture Team

We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs.