Infrastructure Vulnerability Analyst

Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work”

Seeking an is seeking an Sr.Infrastructure Vulnerability Analyst who would be responsible for scanning the entire infrastructure of the organization and mitigating the risk. The candidate will be interacting with internal technology functions to ensure they are made aware and stay updated on Secure Architecture and controls. Candidate will be directly responsible for vulnerability management and threat management of the infrastructure and information assets.

Core responsibilities to include assessing and promoting remediation for all the assets that reside in all the regions and data centers across the globe.

Candidate will be a key member of the centralized information security team.

Perform vulnerability scans and report findings for On-prem and Cloud network.

Publish the vulnerability status reports to senior management and track remediation.

Define and participate in implementation of On-prem and Cloud architecture and security controls.

Proactive identification of threats and risk remediation.

Plan and implement security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.

Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.

Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.

Participate in and assist with incident response team, as appropriate.

Generate metrics for the Management as needed.

Prepare system security reports by collecting, analyzing, and summarizing data and trends.

2-4 years of proven experience in Information security or Vulnerability Management or Penetration testing; a Master’s degree can be substituted for experience.

Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials.

Bachelor’s degree in information security or Information Technology or Computer Science or related fields or from STEM

Deep and diverse experience architecting and implementing network security designs.

Expert in network security, system security and endpoint security.

Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.

Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.

Proven experience with products dealing with vulnerability management services which include Retina, Qualys, Nessus, Nexpose, etc.

Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).

Excellent customer service including strong written and oral communication skills.

Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.

Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.

Certifications such as CISM, CEH, CISSP or equivalent.

Results focused and attention to detail.

Ability to work in the 2nd shifts to overlap with customer hours.