Company Description
Experian is the world's leading global information services company. During life's big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.
We have 20,000 people operating across 44 countries and every day we're investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.
**Job Description**:
The Attack Surface Management engineer is responsible for activities related to Attack Surface Management, with the goal to ensure comprehensive visibility of Experian's attack surface and vulnerabilities.
**Responsibilities**:
- Follows Attack Surface Mgmt processes to continuously monitor and improve visibility of the attack surface in order to detect anomalies faster and reduce incidences of cyber-attacks
- Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques
- Engage with business stakeholders to ensure they fully understand their Attack Surface, and helps them identify prioritization of vulnerabilities
- Develops vulnerability KPIs/metrics to demonstrate coverage and remediation effectiveness
- Execute daily operations of the Attack Surface Mgmt program, including the interpretation of scanning results
- Asist in the identification of internal and external risks based on scanning results
- Assist in the attribution of findings to appropriate business owner
- Identify improvements to scan coverage
- Coordinate with IT and geographically dispersed business units vulnerability remediation and mitigation strategies
- Assist in the documentation and standardization of process and procedures related to Attack Surface Mgmt
- Aggregating vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpreting and presenting risk.
**Qualifications**:
- Bachelor's degree in computer science or computer engineering, or equivalent work experience.
- 1-3+ years of experience in information security vulnerability management role.
- Advanced English proficiency.
- Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws
- Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Knowledge of architecture, engineering, and operations of one or more vulnerability management tools, such as Wiz, Qualys, Rapid7 and ServiceNow.
- Knowledge of major cloud platforms (AWS, Azure, or GCP).
- Knowledge of systems hardening and other risk mitigation factors on multiple technologies and operating systems (Window, Linux, Mac, routers, switches, Kubernetes).
- Working knowledge of networking standards and protocols: IPv4 IPv6, TCP/IP, DNS, HTTPS, TLS, BGP, Firewalls and NAT, SMTP, VPN, ICMP, SSH, IPSec, etc.
- Certification that could be helpful but not required: CISSP, Security+, CEH, GIAC certifications.
- Ability to provide creative solutions to complex problems
- Ability to clearly communicate risk of vulnerabilities to all levels within an organization.
- Excellent oral and interpersonal communication skills and ability to communicate ideas in both technical and user-friendly language
- Ability to manage, organize, analyze, and present substantial amounts of data
- Experience selecting and deploying product
- Outstanding writing and documentation skills
- Highly self-motivated and directed, with keen attention to detail
- Able to prioritize and execute tasks in a high-pressure environment
- Experience working in a team-oriented, collaborative environment
Additional Information
Our benefits include: Medical, life and dental insurance, Asociación Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
LI-GJ1
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
- Experian is proud to be an Equal Opportunity and Affirmative Action employer_. _We're passionate about unlocking the power of data to transform lives and create opportunities for consumers, businesses, and society. For more than 125 years, we've helped people and economies flourish - and we're not done.
We take our people's agenda very seriously. We focus on what truly matters; diversity and inclusion, work/life balance, flexible working, development, collaboration, wellness, reward & recognition, volunteering, making an impact... the list goes on. See our DEI work in a