変化を受け入れる
新たな可能性を生み出す。

Job Purpose and Impact

• The Professional, Surface Area Management job safeguards the organization's digital assets by identifying and mitigating security vulnerabilities. With limited supervision, this job maintains vulnerability management systems' effectiveness and improves the organization's overall cybersecurity posture.

Key Accountabilities

The Professional Vulnerability Analyst job safeguards the organization’s digital assets by identifying, assessing, and helping remediate vulnerabilities across the global enterprise. With limited supervision, this job maintains vulnerability management systems' effectiveness and improves the organization’s overall cybersecurity posture through close coordination with stakeholders such as IT, security engineering, and application owners. This includes the following:

• Analyzing vulnerability data from tools such as Tenable, Qualys, or Rapid7.
• Prioritizing vulnerabilities based on risk context.
• Tracking remediation process and driving accountability with system owners through ticketing systems like Jira or ServiceNow.
• Strong communication and collaboration skills to work effectively across IT and security teams.
• Generate and present reports on vulnerability trends, SLA compliance, and risk posture.
• Support vulnerability scanning operations and troubleshoot scan coverage issues.
• Collaborate with other cyber security teams like Threat Intelligence to validate and enrich findings.
• Assist in patch validation and change coordination for remediation activities.
• Contribute to the tuning of scanning tools and development of custom dashboards.
• Stay informed on emerging threats, CVEs, zero-days, and best practices in vulnerability management.
• Solid understanding of CVSS, MITRE ATT&CK, and modern threat landscapes.
• Familiarity with remediation strategies on Windows, Linux, networking equipment, and cloud services (AWS, Azure, GCP, and/or OCI) - focused specialty in cloud services is a plus.

Qualifications

• Minimum requirement of 2 years of relevant work experience. Typically reflects 3 years or more of relevant experience.