Senior Specialist managing regional regulatory projects and supporting compliance systems for healthcare company. Implementing digital strategy initiatives and collaborating with stakeholders through process improvement.
TI
Hybrid Junior Vulnerability Management and Compliance Analyst
Posted 3 months ago
About the role
- Junior Analyst in Vulnerability Management and Compliance at Tempest, focusing on technical guidance and vulnerability assessments. Collaborating with experts and working in a tech-driven environment.
Responsibilities
- Execute scans using VA tools (Tenable, Qualys, Fortra VM, or similar).
- Analyze identified vulnerabilities, assess initial severity, and assist with prioritization.
- Perform post-remediation validations and help investigate false positives.
- Analyze configurations and compliance deviations.
- Support baseline reviews (GPO, CIS, and internal benchmarks).
- Propose recommendations to improve security posture, under guidance from mid/senior team members.
- Monitor remediation metrics and record evidence submitted by clients.
- Document analyses and deliverables in Tempest's ticketing platform.
- Prepare technical reports and concise executive summaries.
- Use Python (or an equivalent language) for basic automation.
- Create simple scripts for data processing, spreadsheet generation, and analysis optimization.
- Follow team processes and contribute to operational improvements.
Requirements
- Foundations of Information Security (CIA — confidentiality, integrity, availability — and risk) and understanding of vulnerabilities (CVSS, impact, technical description).
- Technical English (reading and writing; conversational fluency is a plus).
- Basic knowledge of a programming language (Python, PowerShell, Go, or similar), including automation concepts, scripting, and simple pipelines (e.g., Python + Bash + Pandas).
- Basic knowledge of frameworks/methodologies such as CVSS, MITRE ATT&CK, NIST CSF, or ISO 27001.
- Foundations of networking and operating systems, including basic TCP/IP, ports, protocols, and basic network modeling.
- Prior experience (including internships) in Vulnerability Management, SOC, GRC, Infrastructure, IT, offensive security, or technical support.
- Experience or familiarity with tools such as Tenable.sc / Nessus, Qualys VMDR, Fortra VM, Rapid7, or similar.
- Experience with lightweight scripting (Python, PowerShell, or Bash) for automation, including API queries and basic data manipulation.
- Ability to interpret results and support analyses using these tools.
- Basic use of Windows and Linux, with knowledge of GPO, Active Directory, system hardening, and CIS benchmarks.
- Intermediate spreadsheet skills (Excel or Google Sheets).
Benefits
- Health insurance;
- Dental insurance;
- TotalPass — physical health and wellness;
- Childcare allowance per child;
- Empresa Cidadã: 6-month maternity leave;
- Home office allowance for fully remote employees;
- Flash Card — greater flexibility;
- Work arrangements: On-site, Hybrid, or Remote;
- Day Off — one day off to celebrate your birthday;
- Profit Sharing (PLR);
- Quarterly Revenue Target (MFT);
- Internal training/course program;
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Leitung des Vertrags - und Versicherungsmanagements bei Klinikum Bayreuth. Verantwortung für Compliance und Schadensmanagement in einer spezialisierten Einrichtung der Maximalversorgung.
Manager Datenschutz & Compliance for Stadtwerke Potsdam GmbH maintaining data protection standards and compliance processes. Ensure transparency and auditable systems in data management across services.
Chargé de conformité environnementale & RGPD pour une entreprise digitale avec une forte Human Touch. Assurer la mise en conformité environnementale et de protection des données dans l'entreprise.
LA
Governance, Risk & Compliance Officer focusing on data protection in a renowned international trading company. Overseeing GRC structures and compliance with data protection regulations.
Director of Logistics supporting Patrick Industries' logistics operations and ensuring regulatory compliance. Leading improvements in transportation efficiency and managing fleet operations across the U.S. and beyond.
Director of Risk & Compliance at Futurpreneur, leading credit adjudication and compliance for young Canadian entrepreneurs. Overseeing loan processes and coaching a team of professionals in a hybrid setting.
Regulatory Specialist I conducting regulatory activities for health care facilities across Florida. Prepares reports, manages files and provides support for QA reviews in the agency.
Senior Compliance Analyst ensuring adherence to regulatory requirements for financial crime and AML processes within a hybrid working environment.
Regulatory Senior Systems Specialist overseeing compliance for facilities operations at Banner Health. Managing inspections, documentation, and regulatory staff while ensuring workflow integrity and safety standards.