The Threat & Vulnerability Analyst II is responsible for the overall management lifecycle of the Threat & Vulnerability Management program. The role is technical, and candidates must possess a solid understanding of information security and preferably have held positions in cybersecurity and systems administration. They must understand applications, operating systems, networking, cloud infrastructure and advanced attacker tactics, techniques and procedures (TT - Ps). Additionally, analysts are expected to maintain a high level of rigor to stay up-to-date with advancements in technology, while also retaining knowledge of older systems and applications in use. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy. Epic or applicable certifications will be required within 6 months of hire. Responsibilities. Participates in threat hunting and penetration testing operations; detects and mitigates threats utilizing cybersecurity measures, including: Intrusion prevention and Detection, Access Control and Authorization, Policy Enforcement Security, Protocol Analysis, Firewall Management, Incident Response, Encryption, Web filtering, Advanced Threat Protection, Vulnerability Assessment, Penetration Testing, Web Application Assessment, Wireless Assessment, Social Engineering, Physical Assessment, Open Source Intelligence, Threat Modeling, Patch Management. Collaborates with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface. Works closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization’s security posture against them. Regularly researches and learns new TT - Ps in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary. Maintains an active database comprising third-party assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business. Plans and leads the organization's approach to vulnerability research. Identifies new and emerging threats and vulnerabilities. Maintains a strong external network. Takes a leading part in external-facing professional activities to facilitate information gathering and set the scope of research work. Engages with, and influences, relevant stakeholders to communicate results of research and the required response. Develops organizational policies and guidelines for monitoring emerging threats and vulnerabilities. Plans and manages vulnerability research activities. Maintains a strong external network in the area of vulnerability research. Gathers information on new and emerging threats and vulnerabilities. Assesses and documents the impacts and threats to the organization. Creates reports and shares knowledge and insights with stakeholders. Providing expert advice and guidance to support the adoption of tools and techniques for vulnerability research. Contributes to the development of organizational policies, standards, and guidelines for vulnerability research and assessment. Designs and executes complex vulnerability research activities. Specifies requirements for environment, data, resources and tools to perform assessments. Reviews test results and modifies tests if necessary. Creates reports to communicate methodology, findings and conclusions. Advises on deception methods by exploiting identified patterns. Makes an active contribution to research communities. May be part of an after-hours on-call rotation. Minimum Requirements. Education. Bach Deg and/or Equivalent Exp. Experience 2-5 years. Preferred Requirements. Education. Bachelor's Degree. Experience 10 years. Supervisor Experience. No Experience. Licenses & Certifications. Cert Info Systems Manager. CISSP - Certified Ethical Hacker (CEH)Healthcare Information Sec Benefits and