Security Vuln Metrics

hace 2 semanas

Heredia, Costa Rica Experian A tiempo completo

Company Description
**About us, but we’ll be brief**
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been name in the 100 “World’s Most Innovative Companies” by Forbes Magazine.

**Job Description**:
**What you'll be doing**

**Responsibilities**
- This is an independent role, responsible for driving the development of vulnerability management metrics, gathering feedback from senior leaders in the organization, and being able to articulate metrics to senior leaders
- Evaluate and define functional requirements for vulnerabilities, flaws, and misconfigurations metrics
- Understand the end-to-end Cloud and Attack Surface Management metrics process including metrics collection, tracking, and reporting.
- Develop, maintain, and run advanced reporting, dashboards, scorecards and analytical results
- Communicate metrics to system owners and business partners on outstanding vulnerabilities, issues, and concerns.
- Develop and automate vulnerability metrics with specific procedures for data collection, analysis, and charting, partnering with necessary teams as appropriate.
- Determines requirements for technical solutions and tools to effectively implement Vulnerability Metrics
- Maps metrics back to strategic objectives for providing insight into the effectiveness and efficiency of Cloud and Attack Surface Management
- Develops vulnerability KPIs/metrics to demonstrate coverage and remediation effectiveness
- Develops program efficacy metrics to support platform stability and improvements
- Review business and internal requests for new or vulnerability management reporting, design the solution, and develop metrics
- Work with stakeholders to identify risk-based vulnerability management metrics that align with the security program and security risk management.
- Develop procedures to structure the metrics and reporting framework as part of a long-term strategy
- Produce timely scoping documents outlining the requirements for business requests
- Provide actionable recommendations to critical stakeholders based on data analysis and findings related to vulnerability management processes requiring reporting
- Aggregating vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpreting and presenting risk.

**Qualifications**:
**What your background looks like**
- Four-year college diploma or university degree in computer science or computer engineering, and/or 5 years equivalent work experience.
- 5+ related experience in Cyber Security/Information Security and Vulnerability Management reporting
- Experienced in tools like SQL, Tableau, MS Excel, etc.
- Experienced with collaboration tools such as JIRA, ServiceNow, Confluence, etc.
- Understanding of end-to-end security metrics process including metrics collection, tracking, and reporting, including ownership and responsibilities for each activity.
- Understanding of Common Vulnerability Scoring System (CVSS), including calculations and implications of base, temporal, and environmental scoring factors
- Experience with collecting, analyzing, and interpreting qualitative and quantitative data from various sources for the purposes of detailing results and analyzing findings to provide sophisticated threat intelligence.
- Familiarity with architecture, engineering, and operations of one or more vulnerability management tools, such as Wiz, Qualys, Rapid7, and ServiceNow.
- Ability to provide creative solutions to complex problems
- Ability to clearly communicate the risk of vulnerabilities to all levels within an organization.
- Knowledge of major cloud platforms (AWS, Azure, or GCP).
- Ability to manage, organize, analyze, and present substantial amounts of data
- Experience with large-scale and complex environments
- A broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies
- Applied knowledge and experience in cybersecurity, technology infrastructure, vulnerability management, and security and controls
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood and actionable manner

**Personal Attributes**
- Excellent interpersonal skills and strong verbal and written communication
- Proactive attitude, seeking improvement opportunities that can positively impact the security posture and the business
- Outstanding writing and documentation skills
- Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
- Able to communicate ideas in both technical and user-friendly language
- Highly self-motivated and directed, with keen attention to detail
- Able to prioritize and execute tasks in a high

  • Security Vulnerability Metrics

    hace 2 semanas

    Heredia, Costa Rica BMA Group A tiempo completo

    **Job Title**: **Security Vulnerability Metrics & Data Analyst** **Job Category**: Professional **Department/Group**: **Attack Surface Management** **Position Type**: Full time **Location**: Remote, Costa Rica **Reports to**: Director Attack Surface Management Security Vulnerability Metrics & Data Analyst Description This role will establish and...

  • Vulnerability Management Metrics Specialist

    hace 7 días

    Heredia, Costa Rica Experian A tiempo completo

    Company Description **About us, but we’ll be brief** Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years...

  • Attack Surface Management Metrics Specialist

    hace 7 días

    Heredia, Costa Rica Experian A tiempo completo

    Company Description **About us, but we’ll be brief** Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years...

  • Application Security Engineer

    hace 3 semanas

    Heredia, Costa Rica Global Services Business A tiempo completo

    An important Company in Costa Rica is looking for an Application Security Engineer **Responsibilities**: Application security reviews (SAST, DAST, Pen testing) Secure architecture design Threat modeling Security outreach to internal development teams Security guidance documentation Security metrics delivery and improvements Build deep relationships with...

  • Application Security Engineer

    hace 3 semanas

    Heredia, Costa Rica GSB A tiempo completo

    An important Company in Costa Rica is looking for an Application Security Engineer English Advanced **Responsibilities**: - Application security reviews (SAST, DAST, Pen testing) - Secure architecture design - Threat modeling - Security outreach to internal development teams - Security guidance documentation - Security metrics delivery and improvements -...

  • Application Security Engineer

    hace 1 mes

    Heredia, Costa Rica GSB A tiempo completo

    An important Company in Costa Rica is looking for an Application Security Engineer English Advanced Responsibilities Application security reviews (SAST, DAST, Pen testing) Secure architecture design Threat modeling Security outreach to internal development teams Security guidance documentation Security metrics delivery and improvements Build deep...

  • Application Security Engineer

    hace 4 semanas

    Heredia, Costa Rica GSB A tiempo completo

    An important Company in Costa Rica is looking for an Application Security Engineer English Advanced Responsibilities Application security reviews (SAST, DAST, Pen testing) Secure architecture design Threat modeling Security outreach to internal development teams Security guidance documentation Security metrics delivery and improvements Build deep...

  • Security Data Engineer Ii

    hace 1 semana

    Heredia, Costa Rica Experian A tiempo completo

    **Company Description** Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial...

  • Lead Security Partner

    hace 1 semana

    Heredia, Costa Rica Experian A tiempo completo

    Full-time Employee Status: Regular Role Type: Home Department: Legal & Compliance Schedule: Full Time **Company Description**: Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower...

  • Security Data Engineer Ii

    hace 1 semana

    Heredia, Costa Rica Experian A tiempo completo

    Full-time Employee Status: Regular Role Type: Home Department: Analytics Schedule: Full Time Shift: Day Shift **Company Description**: Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers -...

  • Security Analyst

    hace 2 meses

    Heredia, Costa Rica GFT Technologies SE A tiempo completo

    Job Description: About the role:   Responsible for ensuring that vulnerability disclosure program requirements are followed and adhered to on client applications and system topologies. You will collaborate with security, application, infrastructure and DevSecOps teams to ensure vulnerabilities are identified and...

  • Security Analyst

    hace 7 días

    Heredia, Costa Rica GFT Technologies SE A tiempo completo

    Job Description: About the role:   Responsible for ensuring that vulnerability disclosure program requirements are followed and adhered to on client applications and system topologies. You will collaborate with security, application, infrastructure and DevSecOps teams to ensure vulnerabilities are identified and managed. You will work proactively...

  • Security Analyst

    hace 4 semanas

    Heredia, Costa Rica GFT Technologies SE A tiempo completo

    Job Description: About the role:   Responsible for ensuring that vulnerability disclosure program requirements are followed and adhered to on client applications and system topologies. You will collaborate with security, application, infrastructure and DevSecOps teams to ensure vulnerabilities are identified and...

  • Cyber Security Assurance Analyst

    hace 3 semanas

    Heredia, Costa Rica Stryker Corporation A tiempo completo

    **Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: As a Cyber Security Assurance Analyst at...

  • Cyber Security Assurance Analyst

    hace 2 semanas

    Heredia, Costa Rica Stryker A tiempo completo

    **Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: As a Cyber Security Assurance Analyst at...

  • Staff Security Assurance Engineer

    hace 1 mes

    Heredia, Costa Rica Databricks A tiempo completo

    RDQ125R33The Databricks Security Assurance Team enables Databricks to achieve third party certifications and to manage vendor security risk, in order to help secure Databricks and provide confidence to customers. As a Staff Security Assurance Engineer with a focus on vendor security risk, you will be responsible for performing vendor security reviews, as...

  • Staff Security Assurance Engineer

    hace 4 semanas

    Heredia, Costa Rica Databricks A tiempo completo

    RDQ125R33The Databricks Security Assurance Team enables Databricks to achieve third party certifications and to manage vendor security risk, in order to help secure Databricks and provide confidence to customers. As a Staff Security Assurance Engineer with a focus on vendor security risk, you will be responsible for performing vendor security reviews, as...

  • PMO - Physical Security Analyst

    hace 4 semanas

    Heredia, Costa Rica Stryker A tiempo completo

    **Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: **Who we Want**: - ** Analytical problem...

  • Network Security Engineer

    hace 4 semanas

    Heredia, Costa Rica Moody's A tiempo completo

    The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and...

  • Physical Security Senior Coordinator

    hace 5 días

    Heredia, Costa Rica Stryker A tiempo completo

    **Why join Stryker?**: Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards - not to mention various social and recreational activities, all of which are location specific. **Know someone at Stryker?**: A Physical Security Senior Coordinator...