- Company Name: Tuppl
- Job Title: Security & Vulnerability (Dallas, Texas)
- Job Description:
Job Title: Security Analyst
Role Summary: Conduct independent vulnerability management by sourcing data, performing scans with proprietary tools, and prioritizing remediation with IT teams. Generate metrics, reports, and optimize alert policies while integrating large data sets into operational systems.
Expectations: Accurately analyze and document vulnerability findings; manage scan schedules and escalation; apply security frameworks and benchmarks; propose AI-driven improvements; maintain clear communication of risks and mitigation plans.
Key Responsibilities:
- Import and classify third‑party vulnerability data into the management platform, ensuring complete exposure coverage.
- Identify high‑impact vulnerabilities and recommend mass‑mitigation opportunities.
- Communicate findings and remediation priorities to cross‑functional teams.
- Escalate unresolved vulnerabilities beyond defined SLAs.
- Configure scanning tools (e.g., Nessus, Nmap, ZAP, Burp Suite, Invicti, Nuclei) and oversee scan execution.
- Develop and track KPIs/metrics for departmental performance.
- Explore and recommend AI solutions to enhance vulnerability handling.
- Integrate logs and large data sets via Splunk, Azure Event Hubs, Kafka, or syslog pipelines.
- Apply CIS benchmarks, STIGs, and hardening standards to web applications, containers, and network configurations.
Required Skills:
- Deep knowledge of HTTP, SMTP, DNS, PKI, encryption, CWEs, CVEs, SAML, Kerberos, OAuth, OIDC, LDAP.
- Proficiency with vulnerability scanners (Nessus, Nmap, ZAP, Burp Suite, Invicti, Nuclei).
- Experience with web application scanners and WAFs; container security.
- Familiarity with CIS benchmarks, STIGs, and other hardening frameworks.
- Programming/scripting: Python, PowerShell.
- CI/CD: Jenkins.
- Data onboarding in Splunk (indexes, sourcetypes, data models, forwarders, HECs).
- Experience with cloud event hubs, Kafka, syslog; EDR tools such as Sentinel, Defender, CrowdStrike.
Required Education & Certifications:
- Bachelor’s degree in Information Technology, Computer Science, or related field is a plus, not mandatory.
- Relevant security certifications (e.g., CISSP, CEH, SSCP) preferred but not required.