The CSOC Vulnerability Management Team manages vulnerabilities and server non-compliance across all the businesses of Prudential, domestically and internationally.
The Vulnerability Management team has an opening for an Operations Analyst who will join our growing team and expanding program. The ideal candidate will have a minimum 1-5 years working in the vulnerability management space.
This role will provide technical expertise and work directly with various infrastructure teams to manage and maintain inventory reconciliation, asset and agent management and enforcement of enterprise standards. Your role will tied directly to maintaining tool account and permission resolution/remediation of hosts, maintenance of tools, scheduling of scanning, AMI cloud validations, reporting, automation and ownership of asset inventory along with scanning appliances and tools. You will work closely with team members for support and management.
You will support implementation and operations best practices while taking ownership of tasks and/or project work-streams, assist and perform analysis and diagnosis of issues related to technology configuration, setup, procedural and/or process challenges, and contribute to deliverables of the team.
Your role will support the team across the entire life cycle of operations tasks.
You should have knowledge and experience with vulnerability management and processes, Windows, Unix, and Linux operating systems, configuration management and vulnerability scanning. Knowledge of cloud and infrastructure support systems and network devices such as FW, WAFs, IDS/IPS. Along with your technical knowledge, attention to details and follow-up are core requirements to this role. You should have project management and team-building skills.
- Familiar with Unix, Linux and Windows operating systems and configurations
- Knowledge with cloud technologies, AMIs, scanning
- Programming and ability to create scripts
- Understanding of network services, vulnerabilities and attacks. Knowledge of application exploits and vulnerabilities. Knowledge of ports and services typical in configuration of web servers, file servers, and workstations
- Understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation
- Work with IT peers and business stakeholders to ensure remediation efforts adhere to corporate standards and policies
- Implement security improvements by assessing current situation, evaluating trends, and anticipating requirements.
- Identifies opportunities for process and technical security improvements in the environment
- Excellent communication, presentation, writing and documentation skills
- Follow-up and attention to detail.
- Good deductive reasoning skills, creative thinker.
- Analytical and detail-oriented individuals must have a passion for information security, creativity to identify gaps and initiative to find the appropriate solutions to fill needs
- Bachelor's degree or higher in IT, CS, IS, with a focus in cyber security. Certifications a plus.