Share this Job

Vulnerability Analyst

Date: Aug 6, 2022

Location: Atlanta, GA, US, 30308

Company: Norfolk Southern Corp.

#LI-EB23 #LI-Hybrid


Job Description

Working at Norfolk Southern is a unique experience, where heritage, stability, and innovation live together.  Norfolk Southern is one of the largest railroad operators in the country and provides premium shipping service and reliable logistics solutions for customers in 22 states and the District of Columbia.  In combination with business partnerships and connections with other carriers, NS ships every product imaginable to and from any destination, linking communities and customers to the marketplaces of the world.


New employees choose to join Norfolk Southern because they love our people and culture, they get to work with leading edge technologies, and they are faced with extremely complex and critical problems to solve that have great impacts on a significant part of the supply chain in North America.  At Norfolk Southern, our mission is to be the safest, most customer-focused, and successful transportation company in the world.  In today’s fast-paced, tech-driven marketplace, Norfolk Southern recognizes that advanced technologies must be deployed across all areas of the business. 


We are seeking an individual who will actively lead collaborative interactions with IT Security, infrastructure and application teams to manage vulnerabilities in the infrastructure environments. The analyst will seek continuous improvement of the infrastructure’s vulnerability program and provide recommendations for securing operations. They will work with various teams to ensure the proper tools are being used to gather effective vulnerability statistics. They will assess infrastructure vulnerability and patching reporting results and determine the appropriate remediation steps. The analyst will work with IT Managers to ensure the successful delivery of projects. The individual will often communicate with customers and peers, conduct presentations, collaborate, and multitask.

Principal Accountabilities:

  • Develop patching schedules and vulnerability remediation plans for the infrastructure and application development groups.
  • Collaborate with IT Security to review vulnerability and threat reports using various discovery tools and determine optimal action plans.
  • Review patch release notes for 3rd party applications and infrastructure operating systems and determine compatibility, upgrade processes, and remediation strategies.
  • Monitor patch management installations and resolve configuration management issues.
  • Report patching activity and results across a range of maintenance schedules to Senior Management.
  • Assist business units with developing maintenance windows that meet requirements for patch cadence while reducing impact to normal business operations.
  • Create knowledge articles to document software patch deployment and remediation tasks.
  • Work with software patch distribution vendors to resolve complex technical issues.
  • Participate in routine audits of patching activity to confirm all updates are being applied and reported correctly.
  • Act as a liaison representing various infrastructure support teams to coordinate vulnerability management monitoring and remediation, audit cases, and reporting results.
  • Communicate project goals and scope to the project team and clearly communicate expectations of the effort.
  • Effectively track and manage project risks and issues to resolution. Ensure escalation of issues to management when necessary.


  • The incumbent must possess a solid understanding of vulnerability management and have held positions in information security and infrastructure systems administration.
  • The incumbent must have an understanding of Windows and Linux operating systems, endpoint applications, server and storage hardware and networking protocols. He/she must possess some experience with vulnerability management across various cloud providers (AWS, GCP, Azure)
  • The incumbent must be proficient with analyzing results of vulnerability management solutions such as Qualys and Tenable. They will determine optimal remediation plans from vulnerability scans and reports.
  • The incumbent will maintain a good understanding of the technology used in the infrastructure systems and maintain an understanding of impacts to infrastructure due to vulnerability and patching remediation.
  • The incumbent is expected to maintain a high level of rigor to stay up to date with advancements in technology while also retaining knowledge of older systems and applications in use.
  • The incumbent must have and use good communication skills to collaborate with several IT infrastructure teams, application development and IT Security.
  • The incumbent must have strong leadership. They will need to possess strong analytical and problem- solving skills with timely decision-making capabilities. The ability to multitask, prioritize assignments and exert strong interpersonal and customer service skills will be important. The individual should be highly motivated and self-directed with the ability to see the longterm vision.  
  • The incumbent must have excellent written, verbal and presentation skills.
  • The incumbent must possess 5+ years of experience in infrastructure system support, cybersecurity, information systems operations, compliance and risk management in various technology fields. Technical project management is desired, Project Management Institute (PMI), and/or Project Management Professional (PMP) certification is also a plus. He/she must have advanced analytical, planning, and organizational skills.

Company Overview

Norfolk Southern Corporation (NYSE: NSC) is a Fortune 300 organization and one of the nation’s premier transportation companies. Its Norfolk Southern Railway Company subsidiary operates approximately 19,500 route miles in 22 states and the District of Columbia, serves every major container port in the eastern United States, and provides efficient connections to other rail carriers. Norfolk Southern is a major transporter of industrial products, including chemicals, agriculture, and metals and construction materials. In addition, the railroad operates the most extensive intermodal network in the East and is a principal carrier of coal, automobiles, and automotive parts.


At Norfolk Southern, we believe in celebrating our individuality. By leveraging the unique backgrounds and viewpoints of our employees, we can create a culture of innovation, respect, and inclusion. We know that employees thrive in a workplace where differing viewpoints, ideas, and experiences are freely shared and valued. As such, we encourage all employees to contribute their distinctive skills and capabilities to our organization.


Equal employment opportunities are available to all applicants regardless of race, color, religion, age, sex, national origin, disability status, genetic information, veteran status, sexual orientation, and gender identity. Together, we power progress.


Nearest Major Market: Atlanta