InfoSec Vulnerability Metrics & Data Analyst - 100% US REMOTE ONLY

Job expired!

Company Description

About Us, To Put It Briefly
Experian is the world's leading global information services company, leveraging the power of data to generate more opportunities for consumers, businesses, and society. We're excited to announce that FORTUNE has recognized Experian as one of the 100 Best Companies to work for. Additionally, for the past five years, we've been listed among the 100 "World's Most Innovative Companies" by Forbes Magazine.

Job Description

We're looking for a Security Vulnerability Metrics & Data Analyst to join our Cloud and Application Attack Surface Management team. This unique role requires a comprehensive grasp of security vulnerability data analysis techniques and the prowess to design, implement, and manage security metrics and key performance indicators (KPIs). The successful applicant will play a crucial role in providing data-driven insights that shape our organization's security strategy and vulnerability management practices. This role will oversee regional and global reports that support the Cloud and Application Attack Surface Management scope, incorporate a threat-informed approach, and conduct regular analytical reviews to enhance Experian’s Cloud and Application Attack Surface Management with intelligent, prioritized, and actionable oversight.

Responsibilities

  • This is an autonomous role, responsible for spearheading the development of vulnerability management metrics, gathering feedback from organizational senior leaders, and effectively conveying these metrics to them
  • Evaluate and establish functional requirements for vulnerabilities, flaws, and misconfigurations metrics
  • Comprehend the holistic Cloud and Attack Surface Management metrics process, including metrics collection, tracking, and reporting
  • Create, sustain, and execute advanced reporting, dashboards, scorecards, and analytical results
  • Communicate metrics to system owners and business partners about outstanding vulnerabilities, issues, and concerns
  • Develop and automate vulnerability metrics with specific procedures for data collection, analysis, and charting, collaborating with relevant teams as needed
  • Define requirements for technical solutions and tools to efficiently implement Vulnerability Metrics
  • Trace metrics back to strategic objectives to provide insight into the effectiveness and efficiency of Cloud and Attack Surface Management
  • Create vulnerability KPIs/metrics to demonstrate coverage and remediation effectiveness
  • Formulate program efficacy metrics to support platform stability and improvements
  • Review business and internal requests for new or modified vulnerability management reporting, design the solution, and develop metrics
  • Collaborate with stakeholders to identify risk-based vulnerability management metrics that align with the security program and security risk management
  • Devise procedures to structure the metrics and reporting framework as a part of a long-term strategy
  • Generate timely scoping documents outlining business request requirements
  • Offer actionable recommendations to essential stakeholders based on data analysis and findings related to vulnerability management processes requiring reporting
  • Amalgamate vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpret and present risks

Qualifications

Your Background

Formal Education & Certification

  • A four-year degree from a college or university in computer science or computer engineering, and/or 3 years of relevant work experience

Knowledge & Experience

  • 5+ years of related experience in Cyber Security/Information Security and Vulnerability Management reporting
  • Proficiency in tools like SQL, Tableau, MS Excel, etc
  • Experience with collaboration tools such as JIRA, ServiceNow, Confluence, etc
  • Understanding of the entire security metrics process, including metrics collection, tracking, and reporting, as well as ownership and responsibilities for each activity
  • Experience with collecting, analyzing, and interpreting qualitative and quantitative data from various sources to detail results and analyze findings to offer advanced threat intelligence
  • Familiarity with the architecture, engineering, and operations of at least one vulnerability management tools, such as Wiz, Qualys, Rapid7, and ServiceNow
  • Ability to offer creative solutions to complex problems
  • Clear communication of vulnerability risks to all levels within an organization
  • Understanding of major cloud platforms (AWS, Azure, or GCP)
  • Aptitude for managing, organizing, analyzing, and presenting large amounts of data
  • Experience with large-scale and complex environments
  • Broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies
  • Applied knowledge and experience in cybersecurity, technology infrastructure, vulnerability management, and security and controls
  • The capability to clearly and effectively communicate sophisticated and technical issues to a variety of audiences, orally and in writing

Personal Attributes

  • Excellent interpersonal skills and strong oral and written communication
  • Proactive attitude, continually seeking opportunities for improvement that can positively impact both the security posture and the business
  • Superb writing and documentation skills
  • A knack for organization and proven experience managing multiple high-visibility issues simultaneously
  • The ability to communicate ideas effectively in both technical and user-friendly language
  • Highly self-motivated and directed with a meticulous attention to detail
  • Ability to prioritize and execute tasks in a high-pressure environment
  • Capability to work independently
  • Experience functioning in a team-centric, cooperative environment
  • Openness to global travel as needed

Additional Information

All your information will be kept confidential according to EEO guidelines.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to build a vibrant, inclusive, and diverse team where people love their work and enjoy working together. We believe that diversity, equity, and inclusion are central to our objective of creating a better tomorrow. We value the unique contributions of every individual and encourage you to bring your whole, authentic self to work. For us, this is .