**Company Description:**

InEight provides field-tested project management software for the owners, contractors, engineers and architects who are building the world around us. Over 575,000 users and more than 700 customers across 37 countries rely on InEight for real-time insights that help manage risk and keep projects on schedule and under budget across the entire life cycle.

From pre-planning to design, from estimating to scheduling, and from field execution to turnover, InEight has powered more than $500 million in projects globally across infrastructure, public sector, energy and power, oil, gas and chemical, mining, and commercial.

Based in Scottsdale, Arizona, InEight supports a remote work model with employees working throughout the United States, Canada, Australia, Sri Lanka and Europe. InEight, an ISO 9001:2015-registered company, is a subsidiary of Kiewit Corporation (Kiewit). Kiewit, through its subsidiaries, is one of North America’s largest and most respected construction and engineering organizations.

InEight is a fast-paced, innovative company comprised of high-energy teams of self-starters playing integral roles in shaping the future of capital projects around the world. Our industry-leading solutions, dedicated employees, and proven leadership team provide a solid foundation to support our continued growth and success.

We offer our fulltime employees a comprehensive benefits package that's among the best in our industry, including top-tier medical, dental and vision plans covering eligible employees and dependents, voluntary wellness and employee assistance programs, life insurance, disability, retirement plans with matching, and generous paid time off.

**Position Summary:**

As the Information Security Analyst (Vulnerability Management Specialist), your responsibilities include assessing risk and running continuous vulnerability monitoring of the environment, including segments requiring FedRAMP compliance. In addition to being responsible for operating the vulnerability management program of the organization, the role will drive and manage the monthly Plan of Action and Milestones (POA&M) process as part of the continuous monitoring for FedRAMP.

**Duties and Responsibilities:**

+ Perform technical and nontechnical risk and vulnerability assessments of relevant technical areas.

+ Analyze potential/reported vulnerabilities for impact and determine mitigation strategies.

+ Participate in periodic cross functional meetings to work with other business units in mitigating vulnerabilities.

+ Maintaining deployable cyber defense assessment toolkit to support vulnerability assessments.

+ Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.

+ Prepare reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.

+ Keep the organization abreast of changes to the cyber risk landscape and how the environment’s vulnerability posture is trending.

+ Serve as a source of support for other cybersecurity needs of the organization, such as alert & incident analysis, engineering. audits, and assessments.

**Requirements & Qualifications**

+ Bachelor’s degree in Computer Science or equivalent work experience

+ Minimum of 2 Years of IT and/or Cybersecurity experience

+ Relevant certifications (Security+, CySA+ SSCP, SANS GSEC, etc.) are preferred

+ Experience analyzing vulnerabilities and/or performing vulnerability assessments in complex IT environments

+ Experience with continuous improvement initiatives for information systems, such as vulnerability remediation and configuration hardening

+ Knowledge and working experience with vulnerability management systems including Tenable Core, Qualys, and/or Rapid7 InsightVM

+ Exposure to a risk management framework such as NIST Special Publication 800-53, ISO 27001, ISO 27002, HITRUST, FedRAMP, etc

+ Strong attention to detail with an analytical mindset and problem-solving skills

+ Excellent written and oral communication skills

+ Strong MS office skills (Excel, Access, Project, etc.)

+ Ability to work under pressure in a fast-paced environment

+ Ability to work in a team environment, collaborative environment with both technical and non-technical team members

+ Ability to conduct research into software issues and products as necessary

+ Ability to work independently and communicate risks or potential problems to manager

+ Eligibility to obtain a federal security clearance

InEight Inc. is an Equal Opportunity Employer, (EOE) and will consider all applications without regard to race, marital status, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law.

\#InEight #LI-Remote