Vulnerability Management Security Analyst

Job Description

Vulnerability Management Security Analyst

In this role, you will need to have a strong understanding of vulnerability management in the dynamic infrastructure scanning space. You will need to be familiar with multiple technology stacks, patch management, and security scanning tools.

Major areas of accountability

  • Executes and coordinates IT Vulnerability management efforts across Thomson Reuters, based on industry standards, best practices, and established policies.
  • Conduct regular vulnerability assessments against core internal and external infrastructure and report on status, priority remediation actions and other measures required to maintain adequate security.
  • Optimizes and ensures the continued and effective operation of information security controls of vulnerability management, risk management, and compliance
  • Evaluates remediation plans and provides consultative support for the implementation of remediation steps, standards, and best practices.
  • Collaborates to promote the implementation of security best practices and policies within existing systems and new products/systems.
  • Works with business partners and infrastructure management to ensure that policies and standards address the security requirements of the business.
  • Assists with establishing metrics and monitors accordingly to report the effectiveness and efficiency of the Vulnerability management program.
  • Understands and considers industry trends, customer needs, business risk tolerance, and business environments relating to information security.
  • Understands and communicates potential vulnerabilities, and control techniques
  • Contributes to and maintains documented policies, standards, and procedures for vulnerability management requirements.
  • Actively researches and analyses current IT security trends, methodologies, issues, technologies, and regulatory requirements

Required Skills:
  • Strong technical knowledge and experience needed in areas of vulnerability assessment, risk-based analysis, and vulnerability mitigation.
  • Intermediate understanding of network technologies such as TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching.
  • Intermediate knowledge of the following platforms in an enterprise environment - Microsoft Windows, Solaris, Linux.
  • Preferred experience with solutions by Qualys (or other infrastructure scanning tools).
  • Ability to understand and weigh business risks and communicate appropriate information security measures.
  • Excellent problem diagnosis and analytical skills.
  • Self-starter, able to work with minimal supervision and ability to learn new skills quickly with minimal guidance.
  • Excellent communication skills in English, both written and verbal
  • Dedicated to achieving project schedules and milestones.
  • Ability to work in a team environment with tight deadlines and multiple priorities while staying a team player.
  • Strong personality, able to quickly build positive relationships within the own team and internal clients at remote sites.

At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

To learn more about what we offer, please visit .

More information about Thomson Reuters can be found on

Eagan-Minnesota-United States of America;Richmond-Virginia-United States of America

Meet Some of Thomson Reuters's Employees

Lisa B.

Software Engineer, Centre of Cognitive Computing

Lisa works with other engineers to develop products that are powered by artificial intelligence and capable of machine learning. She also conducts research to identify new uses for existing company data.

Greg O.

Lead Software Engineer

Greg develops software frameworks that other software engineers use to build the company’s flagship Eikon product. He also mentors and provides technical leadership to more junior engineers on his team.

Back to top