Security Analyst - Commercial Vulnerabilities
New York, New York
July 31st 2019
Job Title: Security Analyst - Commercial Vulnerabilities
The candidate will be joining the Commercial Vulnerability Management team as a Security Analyst within the Firm's Technology Risk organization. The team is responsible for assessing reported vulnerabilities pertaining to commercial software products as to severity and relevance to the Client and assigning them to responsible technology owners for remediation. The team is responsible for reporting on all aspects of commercial vulnerability risk exposure for the Firm.
This analyst will join the Commercial Vulnerability Management team within the Technology Risk department. The team consists of six (four members in Montreal and two in New York City) with responsibility for daily analysis of CVEs relevant to technology products in use by the Firm.
Candidate needs to be proficient with CVSS scoring and have experience accounting for the existence of compensating controls to re-factor the score.
Candidate needs to be comfortable escalating vulnerabilities to the CISO and senior management level and initiating requests for immediate action and triage of critical severity items.
Analyst will be responsible for a segment of products associated with a particular (TBD) area of the technology organization and therefore needs to form strong relationships with technology owners in order to influence remediation priorities.
Performance of daily functions will require the ability to derive information from various related Splunk views and indexes.
2-3 years of technology experience with 1 or more years in a technology risk function
Strong understanding of cyber exploit techniques and CVSS scoring of vulnerabilities in an enterprise IT environment
Understanding of technology components, interaction between layers and services for applications and infrastructure
Experience with an enterprise reporting platform (Splunk preferred)
Strong organizational, communication, and professional skills
Job ID: A2450