Cyber Attack Surface Management Analyst

, the role requires strong communication and collaboration skills to engage with asset owners, IT teams, and business stakeholders across the organization
The analyst will help drive awareness of external risks, support secure asset lifecycle management, and contribute to the overall maturity of Unilevers cyber defense capabilities Main Accountabilities External Asset Discovery & Mapping Use EASM tools (e g , Mandiant, Wiz, Qualys) to identify and catalog Unilevers external-facing assets Perform continuous monitoring to detect changes in the external attack surface Reconnaissance & Threat Identification Utilize OSINT and reconnaissance tools (e g , Shodan, FOFA, Censys) to identify exposed services, misconfigurations, and potential vulnerabilities Correlate findings with threat intelligence to assess risk and prioritize remediation Risk Assessment & Reporting Collaborate with vulnerability management and security operations to triage and remediate high-risk exposures Provide regular reports and dashboards on EASM findings, trends, and KPIs Collaboration & Process Improvement Work with IT and cloud teams to validate asset ownership and ensure secure configurations Contribute to the development of EASM processes, playbooks, and automation strategies Skills Key Skills and Relevant Experience Strong understanding of internet protocols, DNS, SSL/TLS, and cloud infrastructure Proficiency with EASM and OSINT tools (e g , Mandiant, Wiz, Qualys, Shodan, FOFA) Ability to analyze large datasets and identify patterns or anomalies Excellent communication skills to convey technical findings to non-technical stakeholders Familiarity with vulnerability management and threat intelligence workflows Experience 35 years of experience in cybersecurity, with at least 12 years in EASM, threat intelligence, or vulnerability management Experience with cloud platforms (Azure, AWS, GCP) and their security configurations Knowledge of security frameworks such as MITRE ATT&CK, NIST CSF, or CIS Controls Relevant certifications (e g , CEH, OSCP, Security+, GIAC GOSI) are a plus Note "All official offers from Unilever are issued only via our Applicant Tracking System (ATS) Offers from individuals or unofficial sources may be fraudulentplease verify before proceeding "