Information Security Analyst – Threat Exposure and Vulnerability Management

The candidate will support the enterprise-wide Threat Exposure and Vulnerability Management program by operating and managing various tools utilized, provide data analytics, and generate actionable metrics, prioritizing threats and tracking remediation progress as well as close partnership to continuously improve operational effectiveness.  The candidate will bring expertise and experience in the threat exposure and vulnerability management function. 

Qualifications

• Threat Exposure and Vulnerability Management experience of 5-7 years with 7-10 years of general IT experience
• 5-7 years sustaining or operating vulnerability management tools such as Qualys VMDR, Tenable VM, Prisma CWP or other related solutions
• Vulnerability management experience must include traditional endpoints, cloud services, mobile devices, and IoT/OT devices
• Must have experience with External Attack Surface Management tools and processes or workflows
• Must have experience with cloud vulnerability management (IaaS) including container security – familiarity with containers, serverless compute or functions
• Familiarity with DevOps, DevSecOps
• Experience working with Azure, AWS or GCP
• Strong analytical and problem-solving skills
• Strong written and verbal communication skills

Primary Function

• Maintain day-to-day operational cadence by adhering to established best practices or processes and workflows
• Maintain awareness of cybersecurity threats through daily threat intelligence sourcing and assessments.  Sources can include but not limited to the following:
  • Government Agencies such as CISA, DHS or FBI
  • Security partners or current security vendors/suppliers
  • Other sources including MSSP partners or vendors/suppliers
• Evaluate current threats, assess impact to company assets and provide guidance on actionable next steps to mitigate or remediate the identified threat
• Experience is Attack Path Analysis/Mapping/Management is desirable
• Coordinate and track remediation of identified threats with respective stakeholders, asset or application owners
• Advise on industry trends, process improvements or product/solutions roadmap
• Create and maintain actionable metrics; analyze trends or outliers that require management attention
• Regular interaction with Security Operations managers
• Maintain system compliance
• Perform daily system/platform upkeep and maintain 99% availability

Other Expectations

• In-depth knowledge of system or application vulnerabilities
• Ability to internalize threat intelligence and apply to in-scope assets
• Demonstrate knowledge of overall vulnerability management process and apply in specific uses cases such as mission critical assets/systems or database vulnerabilities
• Capable of independently assessing risks and provide remediation or mitigation plans to reduce or eliminate identified risks
• Demonstrate knowledge of various operating systems such as Windows or Linux
• Scripting knowledge and experience is desirable
• Coordinate with other Security Operations team on ongoing investigations or projects
• Provide input or feedback to improve processes and workflows

Educational Qualifications:

• 4yr degree in Information Technology or related field of study
• Certifications: GIAC/Sans, ISC2 or vendor/product-specific

Qualifications

Education:

Skills

Certifications:

Languages:

Years of Experience:

Work Experience:

Additional Information

Shift:

Travel:

Relocation Eligible:

Applied Materials is an Equal Opportunity Employer committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.