Vulnerability Management Engineer

Job Description

Your Platform

Activision Blizzard plays a centralized role in the creation of epic entertainment by supporting our interactive gaming brands and studios with a diverse range of career opportunities across corporate functions such as Marketing, Communications, Legal, Human Resources, Finance and Supply Chain. Located in our global headquarters in Santa Monica, we encompass equal parts agility and creativity to improve the employee and player experience. To learn more, check us out at www.activisionblizzard.com or on Twitter at @ATVI_AB

ABK is looking for a Vulnerability Management Engineer with a passion for reducing risk in a fast-paced environment.

Responsibilities

Technical
• Being a subject matter expert for vulnerability management within the ABK enterprise
• Stay abreast of the release of new vulnerabilities, their potential impact, remediation/mitigation strategies, and known exploits
• Become the key point of contact for inquiries about vulnerabilities and vulnerability-related tickets
• Prepare security related assessment reports with clearly documented findings and recommendations
• Keeps up-to-date knowledge of new and emerging threats that can affect the organization's information assets by analyzing of third-party software/solutions, IT configuration changes (including access control requests), and network/system architecture from risk perspective
• Ensure that all assets are being consistently scanned
• Support and contribute to development and maintenance of playbooks for vulnerability management
• Experience in Cloud Services like Google Cloud, AWS, Azure
• Work with other teams to drive new projects
• Act as an advocate for security and the team in all tasks and engagements, not just vulnerability management specific

Business Skills
• Identify gaps in our current processes, workflows and design architectures and recommend changes or enhancements as needed
• Organized and structure mindset, to help the team coordinate efforts and to build playbooks that will be leading our actions
• Taking complex technical situations and communicating them in ''plain English''
• Ability to problem solve independently and collaborate as a team to solve complex problems in support of the team's mission
• Ability to effectively present to small to large audiences of varying organizational levels

Minimum Qualifications
• Bachelor's degree or combined experience/education as substitute for minimum education
• 5+ years of directly related experience in vulnerability management including detecting, analyzing, and reporting on premise and cloud-based assets.
• Ability to evaluate business risks and recommend appropriate information security measures. Proven understanding of common vulnerability frameworks (e.g., CVSS, OWASP Top 10).
• Experience in configuration management of vulnerability assessment tools and testing. Understanding of system, application, and database-hardening techniques and practices.
• An understanding of NIST CSF, Risk Assessments, FAIR Risk Methodology, Audit Support, Executive Communications and Reporting, Risk Tracking / Exceptions Management and Issues Management.
• Working knowledge of MITRE ATT@CK and how to use it to drive defensive approach to security
• Experience with scanning tools such as Tenable, Qualys, etc.
• Ability to quickly adapt as the external environment and organization evolves.
• Ability to interact effectively at all levels of an organization and across diverse cultural and linguistic barriers. Project management skills. Excellent written and oral communication skills.

Preferred Qualifications
• Experience with Cloud Security Posture Management (CSPM) tools; such as Prisma Cloud, Wiz, etc.
• Cloud security specific certification (CCSP, etc.)
• Deep knowledge of securing multi-cloud environments (GCP, AWS, Azure, etc.)
• Industry certification (CISSP, CISM, etc.)
• Experience with pen testing approach, services, deliverables, remediation
• Background with threat intelligence collection, sharing, integration into security functions

We love hearing from anyone who is enthusiastic about changing the games industry. Not sure you meet all qualifications? Let us decide! Research shows that women and members of other under-represented groups tend to not apply to jobs when they think they may not meet every qualification, when, in fact, they often do! We are committed to creating a diverse and inclusive environment and strongly encourage you to apply.

We are committed to working with and providing reasonable assistance to individuals with physical and mental disabilities. If you are a disabled individual requiring an accommodation to apply for an open position, please email your request to accommodationrequests@activisionblizzard.com General employment questions cannot be accepted or processed here. Thank you for your interest.

Subject to eligibility requirements, the Company offers comprehensive benefits including:
• Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance;
• 401(k) with Company match, tuition reimbursement, charitable donation matching;
• Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave;
• Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others;
• If the Company requires that you move geographic locations for the job, then you may also be eligible for relocation assistance.

Eligibility to participate in these benefits may vary for part time and temporary full-time employees and interns with the Company. You can learn more by visiting https://www.benefitsforeveryworld.com/.

In the US, the standard base pay range for this role is $77,500.00 - $143,376.00 Annual. This base pay range is for the US and is not applicable to locations outside of the US Actual amounts will vary depending on experience, performance and location. In addition to a competitive base pay, employees in this role may be eligible for incentive compensation. Incentive compensation is not guaranteed.

Jobcode: Reference SBJ-gqz2k1-3-16-29-209-42 in your application.