Job Directory Cyber Security Data Vulnerability Analyst

Cyber Security Data Vulnerability Analyst
Universal City, CA

Companies like
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About

Job Description

Responsibilities

The successful candidate will be joining NBCUniversal at an exciting time where it is transforming from an operational, tool-based cyber defense program to an intelligence and threat-based organization. The vulnerability management team is no different; growing and transforming to a service offering for the entire company, and partnering with the rest of the Cyber Security organization to shape the future of cyber defenses at NBCUniversal.

The successful candidate will be expected to 'think like an adversary', pulling from their diverse background and knowledge of IT, to identify, assess, prioritize and communicate vulnerabilities and threats across the systems and applications making up the NBCUniversal IT ecosystem.

Responsibilities:

* Support daily operations of vulnerability management across NBCU. Activities include configuring and scheduling discovery and vulnerability scans within Qualys, generating vulnerability reports and assisting the asset/remediation owners interpret vulnerability findings, and supporting miscellaneous requests for vulnerability data.
* Analyze external daily threats and exploits to determine the impact to the NBCU infrastructure.
* Research vulnerabilities in software, firmware and devices, and modern exploits and exploitation techniques in the following areas: Microsoft platform (Server, workstation, applications), Open Systems platforms (Linux, UNIX, VM Ware ESX), Java, Adobe, Web Application, Java web app virtualization platforms (e.g. WebSphere), Networking, Databases (Oracle, SQL Server, DB2, IMS), and others.
* Develop innovative security testing to mimic advanced persistent threat techniques and blended threats
* Identify and articulate risks and remediation in a relevant and approachable manner with both technical and non-technical audiences
* Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood and impact
* Assists in designing correction plans, mitigations, and full remediation actions
* Understand and communicate attack chains to management and other stakeholders.
* Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions.
* Collaborate with infrastructure and application owners on security hot-fixes or patch management validation
* Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company
* Support the cyber incident response team in specified vulnerability discovery and identification tasks during crisis management.
* Coordinate with stakeholders to develop requirements for service enhancements

Qualifications/Requirements

* 3-5 years of experience in either vulnerability management or related information security field
* Experience in threat and vulnerability management, penetration testing, security operations
* Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
* Advanced experience with vulnerability scanning tools (Qualys preferred) and other vulnerability management tools
* Familiarity with multiple programming and scripting languages (such as, Java, C/C++, Objective C, Ruby, Python, Perl, etc.)
* Demonstrate knowledge of networking concepts and devices (Firewalls, Routers, Switches, and Load Balancers)
* Demonstrate an understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
* Experience developing and improving KPIs, metrics, and trending for vulnerability management functions
* Understanding of how applications, networking, operating systems, and databases work

Desired Characteristics

* Intellectual capability and curiosity to learn complex processes.
* Highly collaborative; personally, and professionally self-aware; able to and interested in interacting with employees at all levels; embody integrity; and represent and inspire the highest ethical standards.
* Strong sense of urgency and commitment, as well as sound business sense with a strategic, conceptual and operational orientation
* Experience advising on technical related issues
* Passion for and interest in media and entertainment industry highly desired
* Flexible, organized, and passionate about advanced cyber security
* Great interpersonal skills and love for a team environment

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.