Security Analyst, Vulnerability Management
Apply NowCompany: Abacus Service Corporation
Location: Seattle, WA 98115
Description:
Department: Risk & Security - Information Security : 10404
Info Sec Job Category: nalytics Job Code: Job Title: Security Analyst, Vulnerability Management Keywords: Number of Positions: 1 Remaining Positions: 1 Duties:
As a Information Security Technical Analyst on the Vulnerability Management Program you will support ongoing triage and case management of newly discovered and reported vulnerabilities. This analyst will be engaging with all parts of the Information Security organization including Security Partners, Security Engineers and other subject matter experts from the cross-functional teams, as well as Product Business representatives to ensure business teams are informed of the potential risks and impacts of the vulnerabilities and make informed decisions on vulnerability remediations. Areas of responsibility include but are not limited to:
Info Sec Job Category: nalytics Job Code: Job Title: Security Analyst, Vulnerability Management Keywords: Number of Positions: 1 Remaining Positions: 1 Duties:
As a Information Security Technical Analyst on the Vulnerability Management Program you will support ongoing triage and case management of newly discovered and reported vulnerabilities. This analyst will be engaging with all parts of the Information Security organization including Security Partners, Security Engineers and other subject matter experts from the cross-functional teams, as well as Product Business representatives to ensure business teams are informed of the potential risks and impacts of the vulnerabilities and make informed decisions on vulnerability remediations. Areas of responsibility include but are not limited to:
- Assess and maintain the incoming flow of vulnerability cases including CVE notifications, Cloud based vulnerabilities, Cloud Misconfigurations and access control issues.
- Analyze business unit remediation and case closure metrics providing for guardrails on case and remediation quality.
- Facilitate proper owner identification when not auto populated by our scanners and related tools.
- Assess and report on case backlog including identification of case trends by application, business unit or other relevant factors.
- Partner across the Security teams to identify areas of risk and work closely with business teams to make informed risk-based decisions
- Assist in producing meaningful metrics and reports for customer and leaderships on organizational vulnerability health.
- Identify vuln cases that are 'stuck' in their life cycle and work with Vulnerability program pears to unstick the case
- Support operational and business unit program reviews with data analytics and reporting support
- Fundamental knowledge of security principles; ability to demonstrate an understanding of information security, such as threats and vulnerabilities.
- Technical mindset of problem-solving with a strong work ethics, motivated and results driven
- Ability to work independently and in a collaborative environment
- Excellent communication and interpersonal skills
- Effective organizational skills and ability to manage priorities
- Technical Degree from an accredited college or university and a mimimum of 2 year of experience in Information Security, Information Technology or related work experience