Attack Surface management

The VOC VI & ASM Analyst will be part of a team responsible for monitoring and identifying vulnerabilities as well as proactively assessing their threat . The team also provides

comprehensive feedback and guidance on detected vulnerabilities to assist Security Officers and Application Manager on the remediation part.

This role takes a holistic approach to identifying newly published vulnerabilities and contextualizing them to company environment as well as tracking potential external entry points to systems and data.

The VOC VI & ASM Analyst is responsible for:

Vulnerability Intelligence (VI):

o Monitor new vulnerabilities and assess their criticality and risk severity based on threat, exploit

availability, ease of exploit, impact, …

o Communicate and publish an assessment on vulnerabilities related to software

o Maintain timely, high-quality vulnerability bulletins, prioritizing issues against the Group’s asset

exposure

o Update on a regular basis our software inventory in the scope of Vulnerability Assessment

Service

o Keep the vulnerability database up to date; enrich each CVE and security bulletin with QDS,

EPSS, CVSS metrics, …

Attack Surface Management (ASM):

o Operate continuous monitoring of external assets via ASM Security tools

o Update on a regular basis the coverage of ASM tools, by adding known domains and IP ranges

o Assess the severity of the findings and confirm their presence (review, challenge, FP assessment,

o Track and report exposure trends; escalate high-risk findings to Blue-Team remediation owners

o Build and use the external footprint to proactively identify new threats and new vulnerabilities

o Leverage ASM tools to proactively identify external assets subject to newly published

vulnerabilities

BlackBox Pentesting:

o Drive proactive follow-up on detected vulnerabilities, engaging system owners and tracking

remediation to closure

o Active follow up with Application managers to onboard new application in the BlackBox

Pentesting service

Vulnerability Management:

o Vulnerability review, recategorization, and false positive identification

o Proactive vulnerability testing and replay

o Pre-analyze and consolidate vulnerability data from various scanning tools

o Prepare concise syntheses of available vulnerabilities

o Offer guidance to the SO and CISO on vulnerabilities

o Collaborate with key stakeholders to develop strategies for vulnerability management

Scripting and automation:

o Automate data extraction and data push from VI and ASM tools to DataLake tools

o Build automation workflows to streamline vulnerability identification, assessment, and reporting

o Collaborate with the offensive and defensive teams to enhance vulnerability assessment and

testing

Bachelor degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plus

 Proven experience (6+ years) working within the Cybersecurity field, with emphasis on security platform implementation & administration

 Experience on Penetration testing actions (web application, infrastructure, …)

 Experience with security scanning tools

 Experience with VI and ASM tools

 Experience in investigating newly published vulnerabilities and assessing their risks and severity

 Experience with scripting languages (e.g., Python, Bash, Powershell, C#, …) for automation and customization of security processes is a plus

 Experience with Pentester tools (Burp, SQLmap, Metasploit, Kali environment, …)

 Strong technical skills with an interest in open-source intelligence investigations

 Knowledge of NIST CVE database, OWASP Top 10, Microsoft security bulletins

 Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders.

Personal Skills

 Has a systematic, disciplined, and analytical approach to problem solving with Thorough leadership skills &

experience

 Excellent ability to think critically under pressure

 Strong communication skills to convey technical concepts clearly to both technical and non-technical

stakeholders

 Willingness to stay updated with evolving cyber threats, technologies, and industry trends

 Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust

security measures