More jobs:
Job Description & How to Apply Below
Who are we
Equinix is the world's digital infrastructure company®, shortening the path to connectivity to enable the innovations that enrich our work, life and planet.
A place where bold ideas are welcomed, human connection is valued, and everyone has the opportunity to shape their future.
Help us challenge assumptions, uncover bias, and remove barriers—because progress starts with fresh ideas. You'll find belonging, purpose, and a team that welcomes you—because when you feel valued, you're empowered to do your best work.
Job Summary
The Threat and Vulnerability Management (TVM) Analyst promotes security by identification, assessment, and reporting of security vulnerabilities pertaining to corporate assets to reduce risk of exploitation via prioritized remediation and achievement of service-level agreements (SLAs). These processes involve vulnerability scanning, risk analysis, patch management, and coordinating remediation with multiple internal teams, often across cloud, container, and application environments. Common vulnerability scanner operation, understanding cloud security (e.g., AWS, Azure, GCP, etc.),
understanding common software development and software security practices, and ability to navigate compliance frameworks are important skills and knowledge for this role. The TVM Analyst evaluates internal and external vulnerability scanning results, addresses false positives, and produces and disseminates related reporting to TVM stakeholders. Current knowledge of industry standards and best practices in vulnerability management assists the TVM Analyst in contributing to continued improvement of the TVM program.
Additionally, this individual works with internal team members to ensure that systems remain functional, secure, and are managed in an efficient and scalable manner.
Responsibilities
Configuring and executing scheduled and ad hoc network- and host-based scans using enterprise-grade tooling to identify vulnerabilities within multiple environments
Developing and enhance scanning strategies to ensure comprehensive scanning coverage across the entire company
Analyzing vulnerability data to identify trends, patterns, and potential impacts and reporting findings to relevant stakeholders
Partnering with enterprise-wide stakeholders to understand environmental, compliance, and other factors that may influence prioritization of remediation of vulnerabilities
Notifying system owners and other vulnerability stakeholders on a periodic basis and assisting in achievement of remediation within established SLAs by asserting formal processes
Creating, maintaining, and presenting weekly and monthly metrics to stakeholder, management, and executive management audiences
Maintaining and validating Operating System Baseline Configuration standards that are mapped to standards such as the Center for Internet Security (CIS) Critical Security Controls
Communicating risks and recommending security controls to stakeholders at all levels
Assessing exposure to zero-day and other significant vulnerabilities to ensure timely response to threats and risks
Qualifications
Experience working with a vulnerability scanning platforms (e.g., Nexpose, Nessus, Qualys, etc.)
Strong technical skills related to operating systems, networks, applications, virtualization, and cloud environments
Knowledge of security best practices, risk assessment, and vulnerability classification (e.g., CVSS, MITRE ATT&CK, etc.)
Extensive automation experience using Python, Power Shell, or other common means of automating repeatable work tasks
Understanding of asset and application management systems and ability to use these systems in a scaled manner to work efficiently
Experience working with information security teams such as fusion centers, security operations centers, vulnerability assessment, vulnerability threat management, and security incident management
Strong understanding of potential compensating controls related to asset and application vulnerability to assist in prioritization of vulnerability remediation
Must be a self-starter, self-motivated, and able to work independently with little oversight
Strong communications skills and the ability to…
Position Requirements
10+ Years
work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×