In this role, you will be responsible for ensuring that vulnerability and configuration management policy requirements are followed and adhered to on Experian system topologies.
You will collaborate with security, infrastructure and DevSecOps teams to ensure system vulnerabilities and misconfigurations are identified and managed.
You will work proactively with those teams to drive remediation efforts, providing guidance and background information as needed.
You will gather and monitor progress on remediation plans. You will collect and report pertinent metrics to your business partners to identify trends and establish priorities.
Prioritize newly identified vulnerabilities based upon severity, potential operational impact, exploitation, and other factors to assess risk to Experian.
Identify new and emerging threats and address them strategically and tactically as required.
Engage with infrastructure and application partners to ensure vulnerability management strategy is understood, agreed to and implemented.
Support delivery of policy metrics for infrastructure and application scanning.
Review vulnerability metrics associated with affected and non-compliant infrastructure and applications, identify trends and track remediation.
Utilize tracking tools / capabilities in a vulnerability management system to report vulnerability mitigation and remediation progress.
Act as advisor for secure system implementation and threat mitigation.
Analyze known issues with vendor provided fixes and contact the appropriate vendor for a defined and attainable solution.
Evaluate vulnerability scans for operational readiness and validate if vulnerabilities are false positives based on the Operating system and / or and application configuration.
Review publicly disclosed vulnerabilities of vendor software / hardware products and identify the mitigation and remediation alternatives.
Provide guidance and educate business partners in risk management principles and practices.
Educate business partners in the need to remove vulnerabilities from Experian assets and applications.
Train and / or mentor other team members and peers as appropriate.
Identify opportunities to enhance existing processes, especially where automation can be applied.
Drive innovation targeting ongoing reductions in vulnerabilities.
Proactively review policy to identify enhancement opportunities.
What your background looks like :
Bachelor’s degree in Computer Sciences or related field or equivalent experience. Candidates with cybersecurity certifications such as CISSP, GSEC, Security+, etc. are preferred.
5+ years of experience with cyber security vulnerability and configuration scanning tools. Candidates with Rapid7, Expanse, BlueCat, CloudHealth, MVision, Aquasec and / or Panaseer experience are preferred.
Experience performing risk assessments and vulnerability analysis to advise business on remediation.
Passion to work on newer technologies and explore the security domain.
Excellent problem-solving capabilities.
Strong written and verbal communication skills.