We are seeking a motivated professional to join its information security operations team as a **Security Analyst **focused on managing risks and vulnerabilities of a modern technology cloud first environment. The Security Analyst will play a critical role in safeguarding the integrity and resilience of Experian's modern cloud-based infrastructure.
**Key Responsibilities**:
- Collaborate with cross-functional teams to prioritize and categorize vulnerabilities based on severity, potential impact, and likelihood of exploitation.
- Analyze security findings from various sources, such as security tools, penetration tests, to identify trends and patterns.
- Manage and drive vulnerability tracking and timelines for remediation.
- Work closely with DevSecOps, IT and platform teams to ensure timely patching, configuration changes, and updates to address identified vulnerabilities.
- Stay up to date with the latest security threats, vulnerabilities, and mitigation strategies in cloud technologies, and translate this knowledge into actionable insights.
- Collaborate with third-party vendors, Experian cyber fusion team, and internal stakeholders to address vulnerabilities and verify successful remediation.
- Provide regular reports and updates to management regarding the organization's vulnerability posture, ongoing remediation efforts, and improvements made to the vulnerability management program.
- Manage and track completion of security training and awareness programs for business unit.
- Assist with tracking and remediating control gaps.
- Drive efforts to ensure consistency of controls across the business unit.
- Build relationships with key stakeholders across the organization to track and manage risk.
- Mentor teammates on processes, best practices, prioritization, and issue resolution as per Experian policies, standards, and technical service baselines.
- Flexibility to be a utility player where needed as this business evolves.
- Other duties as requested.
**Qualifications**
- Bachelor's degree in computer science, information technology, cybersecurity, or a related field or demonstrated equivalent experience.
- Have or willingness to achieve industry-recognized certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), and Certified Cloud Security Professional (CCSP).
- Knowledge of major cloud platforms such as AWS, Azure, including experience with cloud security services and configuration management.
- Some experience using scripting languages (e.g., Python, Bash) with a focus on automating security controls.
- Familiarity with container security best practices, orchestration platforms (e.g., Kubernetes), container runtime security, and related tools (e.g., container scanning tools).
- Some experience or familiarity with vulnerability scanning and assessment tools for cloud, containers, and big data systems, and the ability to interpret and prioritize the results.
- Understanding of security principles, best practices, and common vulnerabilities in cloud environments, big data systems, and container technologies (e.g., Kubernetes, Docker)
- Understanding of security monitoring tools, intrusion detection systems, and the ability to analyze logs to detect and respond to security incidents.
- Skills to assess and prioritize vulnerabilities based on risk factors, business impact, and industry standards.
- Strong analytical and problem-solving skills to identify root causes of vulnerabilities and work collaboratively with teams to remediate them.
- Effective communication skills, both written and verbal, to interact with technical and non-technical stakeholders, present findings, and provide security recommendations.
- The ability to stay current with evolving cloud, big data, and container security trends, and adapt to new technologies and emerging threats.
- Agile project management skills to manage vulnerability assessments, remediation efforts, and ongoing security initiatives.
- Collaborative attitude, willingness to work in cross-functional teams, and a commitment to a culture of security within the organization.
**Benefits**:
Law benefits
Courses and certifications
100% Remote
Tipo de puesto: Tiempo completo
Salario: ¢1,000,000.00 - ¢1,800,000.00 al mes
Idioma:
- Inglés (Obligatorio)