Senior Cybersecurity Incident Responder - Vulnerability Management
Overview
BTVK Advisory is a leading advisory firm whose specialized professionals guide clients through an ever-changing business world, helping them win now and anticipate tomorrow. BTVK Advisory, and its affiliated entities, have operations in North America, South America, Europe, Asia, and Australia. BTVK Advisory’s ultimate parent entity, Baker Tilly US, LLP, is an independent member of Baker Tilly International, a worldwide network of independent accounting and business advisory firms in 141 territories, with 43,000 professionals and a combined worldwide revenue of $5.2 billion.
Baker Tilly is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status, gender identity, sexual orientation, or any other legally protected basis, in accordance with applicable federal, state or local law.
To be added to all ET through Experienced requisitions Any unsolicited resumes submitted through our website or to Baker Tilly Advisory Group, LP, employee e-mail accounts are considered property of Baker Tilly Advisory Group, LP, and are not subject to payment of agency fees. In order to be an authorized recruitment agency ("search firm") for Baker Tilly Advisory Group, LP, there must be a formal written agreement in place and the agency must be invited, by Baker Tilly's Talent Attraction team, to submit candidates for review via our applicant tracking system.
Job Description:
Responsibilities:
- Administer and maintain the Rapid7 InsightVM platform, ensuring effective scan engine performance, asset coverage, site configuration, and authenticated scanning.
- Manage vulnerability scanning across on-premises, cloud, and remote environments, ensuring comprehensive coverage and alignment with operational and threat intelligence requirements.
- Analyze vulnerability findings, validate results, eliminate false positives, and assess exploitability and business risk.
- Prioritize vulnerabilities using CVSS scores, threat intelligence, exploit availability, and business impact to drive risk-based remediation.
- Correlate vulnerability data with security advisories, active threats, exploitation activity, and ongoing incidents to provide contextual risk assessments.
- Develop and maintain dashboards, reports, and metrics on vulnerability trends, remediation performance, and overall security posture for leadership and audit stakeholders.
- Support internal and external audits by providing evidence and documentation related to vulnerability identification, prioritization, and remediation activities.
- Monitor and analyze security alerts across platforms including Microsoft Defender, Sentinel, ReliaQuest, LogRhythm, and other security tools, while investigating and responding to cybersecurity incidents.
- Conduct incident response activities including containment, eradication, recovery, root cause analysis, post-incident reviews, and maintenance of accurate incident documentation.
- Collaborate with internal teams, external partners, and global stakeholders to enhance security operations, refine incident response playbooks, and participate in shared on-call support rotations.
Qualifications :
- Bachelor's degree is mandate, equivalent in Computer Science, Artificial Intelligence, Software Engineering, or a related field;
- Minimum 3 years of experience cybersecurity incident response, vulnerability management, or related security operations roles.
- Hands-on expertise with Rapid7 InsightVM, including scan management, asset coverage, and vulnerability analysis.
- Experience with Microsoft Defender suite (Defender for Endpoint, Defender for M365) and Microsoft Sentinel, including KQL-based investigations.
- Proficiency with SIEM and security monitoring platforms such as ReliaQuest, LogRhythm, or equivalent, as well as CyberArk and cloud security monitoring (AWS, Azure Security Center).
- Strong skills in threat hunting, vulnerability assessment, incident triage, and endpoint detection and response (EDR) tools.
- Solid understanding of the vulnerability management lifecycle, threat detection methodologies, exploit analysis, and incident response frameworks.
- Relevant cybersecurity certification required (CISSP preferred; CEH, GIAC, or Microsoft Security certifications acceptable).
- Excellent written and verbal communication skills in English, with the ability to document findings and communicate effectively with stakeholders.
- Experience supporting global teams, particularly U.S.-based stakeholders, within a distributed or remote operating model is preferred.
Job Details
Experience
Senior · 3+ yrs