Job Details:
Analyst, Vulnerability Management
Location: Foster City, CA
Schedule: Hybrid (Requires 3 Days Per Week Onsite)
Long term Contract
As an Analyst, Vulnerability Management, you'll:
Own the vulnerability management lifecycle end-to-end, from detection through triage, ownership identification, validation, resolution, and process improvement. Gather context about vulnerabilities to make an accurate determination of severity and risk. Participate in refining and automating the vulnerability management workflows. Work with product teams to communicate identified risks, make recommendations on appropriate controls, and advocate for a fix. Gather and refine metrics related to vulnerability management and changes in risk posture.
Requirements
- Bachelor's degree in a relevant field (e.g., cybersecurity, computer science/engineering, electrical engineering, information systems), or an equivalent combination of experience, certification, and formal or informal education
- 4+ years of experience in the cybersecurity field
- Strong problem-solving, troubleshooting, and communication skills
Experience in the following:
- Vulnerability scanners, code scanners (static analysis), dependency scanners (SBOM/SAST), and similar
General understanding of the following:
- Vulnerability scoring and prioritization frameworks
- General cybersecurity frameworks (CVE, NIST, CIS, and ISO)
Bonus Qualifications:
- General automation development experience
- Python for automation and development
- Experience with AWS or other public clouds and infrastructure-as-code
