Information Security Analyst - Threat Exposure and Vulnerability Management
Youll benefit from a supportive work culture that encourages you to learn, develop, and grow your career as you take on challenges and drive innovative solutions for our customers. We empower our team to push the boundaries of what is possiblewhile learning every day in a supportive leading global company. Visit our Careers website to learn more.
At Applied Materials, we care about the health and wellbeing of our employees. Were committed to providing programs and support that encourage personal and professional growth and care for you at work, at home, or wherever you may go. Learn more about our .
The candidate will support the enterprise-wide Threat Exposure and Vulnerability Management program by operating and managing various tools utilized, provide data analytics, and generate actionable metrics, prioritizing threats and tracking remediation progress as well as close partnership to continuously improve operational effectiveness. The candidate will bring expertise and experience in the threat exposure and vulnerability management function.
Qualifications
- Threat Exposure and Vulnerability Management experience of 5-7 years with 7-10 years of general IT experience
- 5-7 years sustaining or operating vulnerability management tools such as Qualys VMDR, Tenable VM, Prisma CWP or other related solutions
- Vulnerability management experience must include traditional endpoints, cloud services, mobile devices, and IoT/OT devices
- Must have experience with External Attack Surface Management tools and processes or workflows
- Must have experience with cloud vulnerability management (IaaS) including container security familiarity with containers, serverless compute or functions
- Familiarity with DevOps, DevSecOps
- Experience working with Azure, AWS or GCP
- Strong analytical and problem-solving skills
- Strong written and verbal communication skills
Primary Function
- Maintain day-to-day operational cadence by adhering to established best practices or processes and workflows
- Maintain awareness of cybersecurity threats through daily threat intelligence sourcing and assessments. Sources can include but not limited to the following:
- Government Agencies such as CISA, DHS or FBI
- Security partners or current security vendors/suppliers
- Other sources including MSSP partners or vendors/suppliers
- Evaluate current threats, assess impact to company assets and provide guidance on actionable next steps to mitigate or remediate the identified threat
- Experience is Attack Path Analysis/Mapping/Management is desirable
- Coordinate and track remediation of identified threats with respective stakeholders, asset or application owners
- Advise on industry trends, process improvements or product/solutions roadmap
- Create and maintain actionable metrics; analyze trends or outliers that require management attention
- Regular interaction with Security Operations managers
- Maintain system compliance
- Perform daily system/platform upkeep and maintain 99% availability
Other Expectations
- In-depth knowledge of system or application vulnerabilities
- Ability to internalize threat intelligence and apply to in-scope assets
- Demonstrate knowledge of overall vulnerability management process and apply in specific uses cases such as mission critical assets/systems or database vulnerabilities
- Capable of independently assessing risks and provide remediation or mitigation plans to reduce or eliminate identified risks
- Demonstrate knowledge of various operating systems such as Windows or Linux
- Scripting knowledge and experience is desirable
- Coordinate with other Security Operations team on ongoing investigations or projects
- Provide input or feedback to improve processes and workflows
Educational Qualifications:
- 4yr degree in Information Technology or related field of study
- Certifications: GIAC/Sans, ISC2 or vendor/product-specific
