Security Analyst

**Why Catalina?** Catalina delivers omni-channel solutions to our customers with a long-standing history of rich data assets, but our _greatest _asset is our people. Our guiding principles set the stage for winning in the markets we serve, and our potential is powerful. When you join the Catalina team, you will be part of an inclusive environment that embraces flexibility, community involvement, work-life balance as well as opportunities to grow professionally.

**Our Team**

**Responsibilities**
- Build and define vulnerability scanning scope across global infrastructure and assets to expand coverage based on risk assessments, improve resolution timeliness, and reduce business risk by maturing the Vulnerability Management Program.
- Ensure security policy compliance by reviewing vulnerability scan results and impacts on the business with key stakeholders.
- Assist in tracking results, analyzing data, and configuring reports from vulnerability scans, code scans, and open-source scans
- Developing and enhancing key Vulnerability Management program performance and metrics dashboard
- Identify and make recommendations to configure and optimize server and desktop operating systems and enterprise patch management systems
- Protect, detect, and respond to cyber security threats by executing Catalina's Incident Response program.
- Update and enhance as needed the vulnerability management and incident response standard operating procedure documentations
- Research attempted or successful efforts to compromise system security; consult team with designing and implementing countermeasures as necessary.
- Recommend control and configurations improvements that align with security policies and legal, contractual, regulatory and audit requirements
- Stay current with the leading edge of cyber security threats and best practices
- Create adhoc security reports from the security tool deck
- Provide support as needed to assist the Security and Risk team

**Qualifications**
- Bachelor's degree in cyber security, computer science, management information systems, or a related field
- 1+ year of experience in information security e.g., security analyst or security engineer
- Experience in Incident Response, vulnerability management, and Security Information and Event Management
- Experience with penetration tests and vulnerability scans
- Experience in collaborating with third-party managed security services
- Familiarity with NIST and other security/risk frameworks
- General knowledge/experience of networks (TCP/IP, system networking, routing, and switching) to assess network vulnerabilities
- General knowledge/experience with operating systems (Windows / Linux) & Cloud computing (dev/ops, sec/dev/ops)
- Familiarity with PCI, GDPR, and/or other privacy compliance regulations preferred
- Strong verbal and written communication skills & Excellent customer service skills

**About Catalina**

**Diversity, Inclusion + Belongingness**

Catalina is committed to investing in, empowering, and retaining a more inclusive community within our company. We are dedicated to hiring and cultivating diverse teams of the best and brightest from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has a seat at the table and a voice to be heard. Our goal is to ensure that all our talented professionals are equipped with support, resources, and the opportunity to excel.
- The intent of this job description is to describe the major duties and responsibilities performed by incumbents of this job. Incumbents may be required to perform other job-related tasks other than those specifically included in this description._
- This position may be performed as a remote, work from home position. _
- This role is to be filled outside of the state of Colorado._
- We are proud to be an EEO employer M/F/D/V. We maintain a drug-free workplace._

LI-remote

LI-BP1