Sr Analyst, Vulnerability Mgmt
United States - California - Burbank
Jul. 27, 2020
Company OverviewWarnerMedia is a leading media and entertainment company that creates and distributes premium and popular content from a diverse array of talented storytellers and journalists to global audiences through its consumer brands including: HBO, HBO Max, Warner Bros., TNT, TBS, truTV, CNN, DC Entertainment, New Line, Cartoon Network, Adult Swim, Turner Classic Movies and others.
Opportunity OverviewThe Team
The Cloud Vulnerability Management team proactively identifies and coordinates remediation of vulnerabilities and security deficiencies within the public cloud (AWS. Azure, GCP) infrastructure of WarnerMedia. This entails responsibility for the cybersecurity of nearly 900 public cloud accounts owned by Warner Brothers, HBO, CNN and other brands.
Sr Analyst, Vulnerability Mgmt
- Responsible for implementing, configuring and maintaining vulnerability and compliance scanning tools
- Conduct scheduled and ad hoc application and system scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and communicate findings effectively
- Ensure data flows are maintained between internal tools and enterprise wide reporting dashboard
- Develop and manage scanning/profiling tools and automated tasks
- Perform and post results of scheduled and on demand vulnerability assessments
- Provide technical feedback on proposed solutions to identified vulnerabilities
- Interface with vendor support teams to keep abreast of developments in product lines
- Research security testing tools, techniques, and processes
- Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities
- Recommend approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes
- Monitor team mailbox and ticketing system to ensure proper steps are taken for all identified vulnerabilities and support of the security operations center (SOC)
- Promote collaboration with our stakeholders and other security researchers to prioritize the remediation of vulnerabilities and close potential attack vectors.
- Understand asset criticality and the identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected
- Develop the vulnerability reports and score cards that the define current state of the corporate network security risk posture.
- Mentor and train more junior staff in vulnerability management and awareness. Prioritization of vulnerabilities, attack techniques, tool/exploit development, intelligence analysis and adversarial tactics.
- Work closely with Security Incident Response Team and Architecture team members to help improve the team's abilities in Detection, Prevention and Response capabilities
- Work with business leaders and other CSO staff to prioritize vulnerability findings for remediation
- 4+ years of cyber security experience specifically working in Vulnerability Management
- 4-6 years of technology experience
- Ability to utilize best in class practices and determine best remediation path
- Advanced level knowledge of security algorithms, protocols and standards
- Advanced level knowledge of Windows and two or more of the following operating systems; *NIX, OS X, iOS, etc.
- Demonstrated knowledge of OWASP and SANS testing methodologies, and related tools such as Qualys, Splunk, AlertLogic, Burp, nmap, Metasploit, etc.
- Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel) and other standard (Customer specified) applications.
- Demonstrated knowledge of TCP/IP protocols, network analysis, and network/security applications
- Demonstrated experience with scripting languages, such as PowerShell, Python, Bash, PHP, etc.