Attack Surface Reduction Analyst

WHAT YOU LL DO

Attack Surface Reduction Analyst

WHO YOU LL WORK WITH

Attack Surface Reduction

Key Responsibilities:

• Conduct comprehensive

  vulnerability assessments (VA) and penetration tests (PT)

  on H&Ms systems, networks, and applications.
• Utilize industry-standard tools and methodologies to identify potential vulnerabilities and weaknesses in our attack surface.
• Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in a timely manner.
• Experience in designing, implementing, and managing vulnerability management processes and workflows.
• Facilitate and manage penetration testing engagements with third-party vendors.
• Collaborate with other members of the cybersecurity team to develop and implement strategies to reduce our attack surface.
• Develop and maintain security policies and procedures for our organizations systems, applications, and networks.
• Monitor our organizations systems, applications, and networks for unauthorized access, suspicious activity, and other security threats.
• Stay up to date with the latest trends and developments in the field of cybersecurity, specifically related to attack surface reduction techniques.

WHO YOU ARE

• Bachelors degree in computer science, information security, or a related field.

• 3-5 years

  of experience in

  vulnerability scanning,

  vulnerability management,

  and

  penetration testing.

• Solid knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices.
• Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing.
• Proficient in using industry-standard vulnerability assessment and penetration testing tools (e.g., Kali Distro, Qualys, Burp Suite, etc.).
• Familiarity with industry frameworks and standards, such as NIST, OWASP, and CIS.
• Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders.
• Excellent analytical, problem-solving, and communication skills.

• Relevant certifications

  , such as SANS, OSCP, OSEP, CompTIA Security+ or CREST are a plus.

WHY YOU LL LOVE WORKING HERE

JOIN US

Our uniqueness comes from a combination of many things our inclusive and collaborative culture, our strong values, and opportunities for growth. But most of all, it s our people who make us who we are.

Take the next step in your career together with us. The journey starts here.

ADDITIONAL INFORMATION