Attack Surface Management Senior Analyst

Profile

Best Buy

The Attack Surface Management (ASM) Senior Analyst independently manages team programs, projects, operations, and improvement initiatives in support of managing technical risk at scale across Best Buy. They work closely with IT and business groups to assist in the collection, analysis, and dissemination of vulnerability and configuration risk data. The Senior Analyst ensures that all business requests for service are dealt with promptly and professionally and that services are delivered according to the agreed schedule. They help manage stakeholder expectations and have responsibility for the business's satisfaction with how technical risk is managed.

The ASM Senior Analyst will train and mentor analysts on systems and standard operating procedures, manage multiple operational scopes of technical risk responsibility, and consistently work to formalize and improve the technical risk management processes. They must have a solid technical security foundation and be agile, quick learners for both processes and technologies to help support ASM technical assessment tools. The Senior Analyst needs to have a strong understanding of vulnerability and configuration risk identification, the critical business processes of Best Buy, and the systems that support them.

Core Responsibilities:

Research / Analytics

Review data and triage appropriately; understand vulnerabilities and misconfigurations, and make connections to broader potential threats

Proactively review technical data, interpret results, and form data-driven opinions to make recommendations on risk

Prioritize risk efficiently and appropriately; challenge assumptions and methodologies

Work with internal teams to respond to vulnerabilities

Documentation

Assist in shaping, tailoring, and delivering final documentation to leaders/clients

Assist in drafting reporting templates

Organize reports based on existing data sets; update/maintain the contents of various existing reports or data sets

Assist with determining which process and workflows should be utilized

Collaboration/Communications

Create or revise process documents/SOPs utilized by internal teams

Work with, and provide, day-to-day work direction to contingent workers on tasks, SOPs, etc.

Develop and maintain cross-functional partnerships; build relationships across teams and anticipate client needs

Build cross-functional capabilities to improve management of secure system configurations

Operations & Process Improvement

Manage ongoing vulnerability and configuration Health compliance requirements

Coordinate, execute, and deliver training sessions

Maintain and organize operating procedure content on internal documentation sites

Identify and understand potential vulnerabilities, gaps, or opportunities that may exist and communicate to leaders

Provide recommendations on solutions to fix/close identified gaps

Minimum Requirements:

2 years of experience working with vulnerability management and IT patching processes

2 years of experience in information technology, information security, or related fields

2 years of experience with Windows, Linux, Unix, and/or mobile platforms

1 years of experience with information security concepts, network architecture, hardware and software troubleshooting, and vulnerability/configuration management

Preferred Experience:

2 years of experience working with application-level vulnerability management

2 years of experience working with secure systems configuration management

2 years of experience designing or re-engineering business/IT processes

Experience with cloud-based IT systems and related security risks/controls

Experience with container-based IT solutions and related security risks/controls

Company info

Best Buy
Website : http://www.bestbuy.com