Security Analyst, Vulnerability Management

at CorTech LLC
Location San Francisco, California
Date Posted June 24, 2022
Category Engineering
Job Type Not Specified

Description

Duties: As a Information Security Technical Analyst on the Vulnerability Management Program you will support ongoing triage and case management of newly discovered and reported vulnerabilities. This analyst will be engaging with all parts of the Information Security organization including Security Partners, Security Engineers and other subject matter experts from the cross-functional teams, as well as Product Business representatives to ensure business teams are informed of the potential risks and impacts of the vulnerabilities and make informed decisions on vulnerability remediations. Areas of responsibility include but are not limited to:

Assess and maintain the incoming flow of vulnerability cases including CVE notifications, Cloud based vulnerabilities, Cloud Misconfigurations and access control issues.
Analyze business unit remediation and case closure metrics providing for guardrails on case and remediation quality.
Facilitate proper owner identification when not auto populated by our scanners and related tools.
Assess and report on case backlog including identification of case trends by application, business unit or other relevant factors.
Partner across the Security teams to identify areas of risk and work closely with business teams to make informed risk-based decisions
Assist in producing meaningful metrics and reports for customer and leaderships on organizational vulnerability health.
Identify vuln cases that are 'stuck' in their life cycle and work with Vulnerability program pears to unstick the case
Support operational and business unit program reviews with data analytics and reporting support

Skills:
Fundamental knowledge of security principles; ability to demonstrate an understanding of information security, such as threats and vulnerabilities.
Technical mindset of problem-solving with a strong work ethics, motivated and results driven
Ability to work independently and in a collaborative environment
Excellent communication and interpersonal skills
Effective organizational skills and ability to manage priorities

Keywords:
Education:
Technical Degree from an accredited college or university and a mimimum of 2 year of experience in Information Security, Information Technology or related work experience

Drop files here browse files ...