We are seeking a motivated professional to join its information security operations team as a Security Analyst focused on managing risks and vulnerabilities of a modern technology cloud first environment. The Security Analyst will play a critical role in safeguarding the integrity and resilience of Experian's modern cloud-based infrastructure.
?
Key Responsibilities:?
• Working in conjunction with application, platform, and product development teams, regularly review, analyze, and manage vulnerability assessment results to identify potential security weaknesses in cloud infrastructure and applications.
• Collaborate with cross-functional teams to prioritize and categorize vulnerabilities based on severity, potential impact, and likelihood of exploitation.
• Analyze security findings from various sources, such as security tools, penetration tests, to identify trends and patterns.
• Manage and drive vulnerability tracking and timelines for remediation.
• Work closely with DevSecOps, IT and platform teams to ensure timely patching, configuration changes, and updates to address identified vulnerabilities.
• Stay up to date with the latest security threats, vulnerabilities, and mitigation strategies in cloud technologies, and translate this knowledge into actionable insights.
• Collaborate with third-party vendors, Experian cyber fusion team, and internal stakeholders to address vulnerabilities and verify successful remediation.
• Provide regular reports and updates to management regarding the organization's vulnerability posture, ongoing remediation efforts, and improvements made to the vulnerability management program.
• Manage and track completion of security training and awareness programs for business unit.
• Assist with tracking and remediating control gaps.
• Drive efforts to ensure consistency of controls across the business unit.
• Build relationships with key stakeholders across the organization to track and manage risk.?
• Mentor teammates on processes, best practices, prioritization, and issue resolution as per Experian policies, standards, and technical service baselines.
• Flexibility to be a utility player where needed as this business evolves.
• Other duties as requested.
Qualifications
• Bachelor's degree in computer science, information technology, cybersecurity, or a related field or demonstrated equivalent experience.
• Have or willingness to achieve industry-recognized certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), and Certified Cloud Security Professional (CCSP).
• Knowledge of major cloud platforms such as AWS, Azure, including experience with cloud security services and configuration management.
• Some experience using scripting languages (e.g., Python, Bash) with a focus on automating security controls.
• Familiarity with container security best practices, orchestration platforms (e.g., Kubernetes), container runtime security, and related tools (e.g., container scanning tools).
• Some experience or familiarity with vulnerability scanning and assessment tools for cloud, containers, and big data systems, and the ability to interpret and prioritize the results.
• Understanding of security principles, best practices, and common vulnerabilities in cloud environments, big data systems, and container technologies (e.g., Kubernetes, Docker)
• Understanding of basic security testing methods and technologies, including penetration testing, web application security assessments, vulnerability assessments, etc.
• Understanding of security monitoring tools, intrusion detection systems, and the ability to analyze logs to detect and respond to security incidents.
• Skills to assess and prioritize vulnerabilities based on risk factors, business impact, and industry standards.
• Strong analytical and problem-solving skills to identify root causes of vulnerabilities and work collaboratively with teams to remediate them.
• Effective communication skills, both written and verbal, to interact with technical and non-technical stakeholders, present findings, and provide security recommendations.
• The ability to stay current with evolving cloud, big data, and container security trends, and adapt to new technologies and emerging threats.
• Agile project management skills to manage vulnerability assessments, remediation efforts, and ongoing security initiatives.
• Collaborative attitude, willingness to work in cross-functional teams, and a commitment to a culture of security within the organization.
Benefits
Law Benefits
Courses and Certifications
100% Remote
