Security Vuln Metrics
hace 6 meses
Company Description
**About us, but we’ll be brief**
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been name in the 100 “World’s Most Innovative Companies” by Forbes Magazine.
**Job Description**:
**What you'll be doing**
**Responsibilities**
- This is an independent role, responsible for driving the development of vulnerability management metrics, gathering feedback from senior leaders in the organization, and being able to articulate metrics to senior leaders
- Evaluate and define functional requirements for vulnerabilities, flaws, and misconfigurations metrics
- Understand the end-to-end Cloud and Attack Surface Management metrics process including metrics collection, tracking, and reporting.
- Develop, maintain, and run advanced reporting, dashboards, scorecards and analytical results
- Communicate metrics to system owners and business partners on outstanding vulnerabilities, issues, and concerns.
- Develop and automate vulnerability metrics with specific procedures for data collection, analysis, and charting, partnering with necessary teams as appropriate.
- Determines requirements for technical solutions and tools to effectively implement Vulnerability Metrics
- Maps metrics back to strategic objectives for providing insight into the effectiveness and efficiency of Cloud and Attack Surface Management
- Develops vulnerability KPIs/metrics to demonstrate coverage and remediation effectiveness
- Develops program efficacy metrics to support platform stability and improvements
- Review business and internal requests for new or vulnerability management reporting, design the solution, and develop metrics
- Work with stakeholders to identify risk-based vulnerability management metrics that align with the security program and security risk management.
- Develop procedures to structure the metrics and reporting framework as part of a long-term strategy
- Produce timely scoping documents outlining the requirements for business requests
- Provide actionable recommendations to critical stakeholders based on data analysis and findings related to vulnerability management processes requiring reporting
- Aggregating vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpreting and presenting risk.
**Qualifications**:
**What your background looks like**
- Four-year college diploma or university degree in computer science or computer engineering, and/or 5 years equivalent work experience.
- 5+ related experience in Cyber Security/Information Security and Vulnerability Management reporting
- Experienced in tools like SQL, Tableau, MS Excel, etc.
- Experienced with collaboration tools such as JIRA, ServiceNow, Confluence, etc.
- Understanding of end-to-end security metrics process including metrics collection, tracking, and reporting, including ownership and responsibilities for each activity.
- Understanding of Common Vulnerability Scoring System (CVSS), including calculations and implications of base, temporal, and environmental scoring factors
- Experience with collecting, analyzing, and interpreting qualitative and quantitative data from various sources for the purposes of detailing results and analyzing findings to provide sophisticated threat intelligence.
- Familiarity with architecture, engineering, and operations of one or more vulnerability management tools, such as Wiz, Qualys, Rapid7, and ServiceNow.
- Ability to provide creative solutions to complex problems
- Ability to clearly communicate the risk of vulnerabilities to all levels within an organization.
- Knowledge of major cloud platforms (AWS, Azure, or GCP).
- Ability to manage, organize, analyze, and present substantial amounts of data
- Experience with large-scale and complex environments
- A broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies
- Applied knowledge and experience in cybersecurity, technology infrastructure, vulnerability management, and security and controls
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood and actionable manner
**Personal Attributes**
- Excellent interpersonal skills and strong verbal and written communication
- Proactive attitude, seeking improvement opportunities that can positively impact the security posture and the business
- Outstanding writing and documentation skills
- Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
- Able to communicate ideas in both technical and user-friendly language
- Highly self-motivated and directed, with keen attention to detail
- Able to prioritize and execute tasks in a high
-
Security Vulnerability Metrics
hace 6 meses
Heredia, Costa Rica BMA Group A tiempo completo**Job Title**: **Security Vulnerability Metrics & Data Analyst** **Job Category**: Professional **Department/Group**: **Attack Surface Management** **Position Type**: Full time **Location**: Remote, Costa Rica **Reports to**: Director Attack Surface Management Security Vulnerability Metrics & Data Analyst Description This role will establish and...
-
Application Security Engineer
hace 6 meses
Heredia, Costa Rica Global Services Business A tiempo completoAn important Company in Costa Rica is looking for an Application Security Engineer **Responsibilities**: Application security reviews (SAST, DAST, Pen testing) Secure architecture design Threat modeling Security outreach to internal development teams Security guidance documentation Security metrics delivery and improvements Build deep relationships with...
-
Application Security Engineer
hace 6 meses
Heredia, Costa Rica GSB A tiempo completoAn important Company in Costa Rica is looking for an Application Security Engineer English Advanced **Responsibilities**: - Application security reviews (SAST, DAST, Pen testing) - Secure architecture design - Threat modeling - Security outreach to internal development teams - Security guidance documentation - Security metrics delivery and improvements -...
-
Security Data Engineer Ii
hace 6 meses
Heredia, Costa Rica Experian A tiempo completo**Company Description** Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial...
-
Lead Security Partner
hace 6 meses
Heredia, Costa Rica Experian A tiempo completoFull-time Employee Status: Regular Role Type: Home Department: Legal & Compliance Schedule: Full Time **Company Description**: Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower...
-
Security Data Engineer Ii
hace 6 meses
Heredia, Costa Rica Experian A tiempo completoFull-time Employee Status: Regular Role Type: Home Department: Analytics Schedule: Full Time Shift: Day Shift **Company Description**: Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers -...
-
Security Analyst
hace 7 meses
Heredia, Costa Rica GFT Technologies SE A tiempo completoJob Description: About the role: Responsible for ensuring that vulnerability disclosure program requirements are followed and adhered to on client applications and system topologies. You will collaborate with security, application, infrastructure and DevSecOps teams to ensure vulnerabilities are identified and...
-
Cyber Security Assurance Analyst
hace 6 meses
Heredia, Costa Rica Stryker Corporation A tiempo completo**Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: As a Cyber Security Assurance Analyst at...
-
Cyber Security Assurance Analyst
hace 6 meses
Heredia, Costa Rica Stryker A tiempo completo**Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: As a Cyber Security Assurance Analyst at...
-
Physical Security Senior Coordinator
hace 6 meses
Heredia, Costa Rica Stryker A tiempo completo**Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: A Physical Security Senior Coordinator...
-
Sr Security Partner
hace 6 meses
Heredia, Costa Rica Experian A tiempo completo**Company Description** Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial...
-
Sr Security Partner
hace 6 meses
Heredia, Costa Rica Experian A tiempo completoFull-time Employee Status: Regular Role Type: Home Department: Legal & Compliance Schedule: Full Time **Company Description**: Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower...
-
IT Analyst, Infrastructure and Security
hace 8 meses
Heredia, Costa Rica Stryker Corporation A tiempo completo**Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: **Who we Want**: - ** Dedicated...
-
Systems Security Administrator Ii
hace 6 meses
Heredia, Costa Rica Experian A tiempo completoCompany Description Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control...
-
Systems Security Administrator Ii
hace 7 meses
Heredia, Costa Rica Experian A tiempo completoFull-time Employee Status: Regular Role Type: Hybrid Department: Information Technology & Systems Schedule: Full Time Shift: Day Shift **Company Description**: Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by...
-
Systems Security Administrator I
hace 6 meses
Heredia, Costa Rica Experian A tiempo completoCompany Description **Experian **is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial...
-
Security Analyst
hace 7 meses
Heredia, Costa Rica GFT Technologies SE A tiempo completo**About the role**: **A day in this role**: - Prioritize newly identified vulnerabilities based upon severity, potential operational impact, exploitation, and other factors to assess risk to. - Support delivery of policy metrics for the vulnerability disclosure program. - Utilize tracking tools/capabilities in a vulnerability management system to report...
-
Cyber Security Awareness Analyst
hace 8 meses
Heredia, Costa Rica Stryker Corporation A tiempo completo**Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: **Who we Want**: - ** Analytical problem...
-
Systems Security Analyst Ii
hace 6 meses
Heredia, Costa Rica Experian A tiempo completoCompany Description **Experian **is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial...
-
Systems Security Analyst Ii
hace 6 meses
Heredia, Costa Rica Experian A tiempo completoFull-time Employee Status: Regular Role Type: Hybrid Department: Information Technology & Systems Schedule: Full Time Shift: Day Shift **Company Description**: **Experian **is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by...