Senior Vulnerability Researcher
Short Hills, NJ

Job Description

Why We Work at Dun & Bradstreet

We are at a transformational moment in our company journey - and we're so excited about it. Each day, we are finding new ways to strengthen our award-winning culture, and to accelerate creativity, innovation and growth. Our purpose is to help customers improve business performance with Dun & Bradstreet's Data Cloud and Live Business Identity, and we're wildly passionate and committed to this purpose. So, if you're looking to make an immediate impact at a company that welcomes bold and diverse thinking, come join us!

Dun & Bradstreet is responsible for collecting and analyzing the data of 285 million commercial entities and 100 million associated contacts. We offer the world's most comprehensive commercial data source, and our data drives critical everyday business decisions. The trust and confidence our customers have in the protection and integrity of that data is critical to our success.

Our Global Security and Risk team is responsible for securing the technologies, applications and data that millions of our customers rely on each and every day. We are building a best-in-class team of security experts with a relentless focus on results, creativity in solving business challenges, a passion to develop their own careers and further their knowledge in security, and can work closely with our business units, technology teams and customers. In working with us - you'll help to continuously improve the program, implement leading new technologies, and be part of our company transformation.

The trust our customers and partners put in our systems and data is critical to our success. We are seeking a strong Senior Vulnerability Researcher who can deliver on large scale initiatives to help mature the information security and risk management programs. This role reports to the Director of Vulnerability Management.

Senior Vulnerability Researcher

We are looking for highly self-motivated candidate for our Global Vulnerability Management team within Global Security and Risk. Our team performs one of the most critical security and risk functions at the firm detecting vulnerabilities in our technology and ensuring their remediation before they can be exploited by malicious hackers.

Key Responsibilities:

* Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support
* Follow public and/or private vulnerability feeds
* Rate D&B's exposure (impact and likelihood of compromise) to newly identified vulnerabilities
* Provide proof-of-concept exploits in a lab environment to demonstrate exploitability.
* Document and communicate findings to stakeholders
* Contribute to network security strategy and automation
* Contribute to the team's continuous improvement efforts
* Maintain knowledge and skillset relevant to trends in the industry

Qualifications/Requirements:

* Minimum 7-10 years of security experience, specifically around organizational security and vulnerability management.
* Experience with common vulnerability feeds from government, vendor, and open source communities
* Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls
* Familiarity with vulnerability management frameworks and concepts such as CVE, and CVSS
* Ability to assess and articulate actual business risk along with good report writing and client presentation skills of researched vulnerabilities
* Ability to develop and maintain positive relationships with other technology teams
* Good understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rdparty libraries and remediation
* Scripting and/or programming skills (e.g., Python, PowerShell, Java, JS, etc.)
* A strong understanding of application, Linux, Windows and network security
* Ability to work both independently and in a highly collaborative team environment
* Understanding of the lean and agile framework and processes
* Strong communication skills - written and verbal

Dun & Bradstreet is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law.

We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with Dun & Bradstreet and need special assistance or an accommodation to use our website or to apply for a position, please send an e-mail with your request to TalentAcquisitionTeam@dnb.com. Determination on requests for reasonable accommodation are made on a case-by-case basis.

Please note that all Dun & Bradstreet job postings can be found at https://dnb.wd1.myworkdayjobs.com/Careers and all communication from Dun & Bradstreet will come from an email address ending in @dnb.com.