Infrastructure Vulnerability Analyst
Infrastructure Vulnerability Analyst
As an Infrastructure Vulnerability Analyst you will work as a member of the vulnerability management team responsible for reducing Booking.com's attack surface.
Vulnerability Management being under Security Operations umbrella, The Security Operations track covers a range of security disciplines from vulnerability management, access control, alert and response management through to measurement and reporting of the organisation's security posture. As a member of this team you will participate in the defence of one of the world's leading e-commerce organisations and have the opportunity to learn and develop skills in a truly world leading security practice.
- Support identification of vulnerabilities by enhancing vulnerability identification at process and technology level.
- Own and manage infrastructure vulnerability scanning process and tools and align with vulnerability identification KPIs.
- Support identification, triaging, assignment and remediation of vulnerabilities ensuring that vulnerability management lifecycle is followed.
- Timely respond to security threats by collaboration with other security teams and provide effective remediation solution complemented by compensatory controls.
- Perform validation of moderately to highly complex security reports.
- Provide data driven insights into improvement opportunities for infrastructure vulnerability management process.
- Prepare reports for technical teams, compliance deliverables and executive management highlighting current status of infrastructure from vulnerability management perspective.
- Work with engineering teams for effective patch management by providing highly customised reports and vulnerability metrics.
- Provide support for infrastructure penetration testing.
- Drive the remediation process to ensure vulnerable assets are patched or remediated within agreed SLAs
- Proactively research new methods, tools, and strategies to effectively identify vulnerabilities
- 5+ years working in security practices
- Advanced level of understanding regarding systems security at both technical and procedural level
- Advanced level of understanding of infrastructure vulnerability scanning tools
- Basic understanding of web application vulnerabilities and standards OWASP, SANS
- Understanding (technical aspects of) penetration testing and results (including scoping and organising of pentests, use of vulnerability scanners, vulnerability management tools)
- Good understanding of IT fundamentals across networking (such as DNS, SNMP, DHCP, IPSEC etc.), system, and application layers
- Excellent interpersonal and communication skills in order to share knowledge and to communicate effectively with different stakeholders (IT and business partners)
- Bachelor's Degree or equivalent experience
- Relevant industry certification (CISM, SANS)
- The ability to set up, configure and troubleshoot basic corporate network infrastructure.
- Demonstrate a strong interest and understanding of general network security concepts.
- Ability to communicate in an effective manner and interact with different levels of administration, technical and management with customers.
- Ability to understand technical manuals, online technical documentation, software specifications, and systems software operations.
- Excellent communication skills, good analytical and negotiation skills, and close attention to detail required. Must have excellent leadership, interpersonal and motivation skills and be a team player.
- Ability to communicate complex technical information to non- technical audiences required.
- Demonstrated adaptability to change, customer focus, continuous learning, and problem solving required
We are a performance-based company that offers career advancement and lucrative compensation, including bonuses and stock potential. We also offer what we call the "Booking Deal" with other competitive perks and benefits. The Technology department has monthly hackathons, training and attends/speaks at global conferences.
This position is open to worldwide candidates and in the case of relocation, we will assist you with a generous relocation package, ensuring a smooth transition to working and living in Amsterdam. We have successfully relocated 300+ Technology professionals to Amsterdam in the last year!
Back to top