Job Description
The Job
The Cloud Vulnerability Management team proactively identifies and coordinates remediation of vulnerabilities and security deficiencies within the public cloud (AWS. Azure, GCP) infrastructure of WarnerMedia. This entails responsibility for the cybersecurity of nearly 900 public cloud accounts owned by Warner Brothers, HBO, CNN and other brands. The Vulnerability Management Analyst is responsible for working with engineers to the identify security deficiencies, security risk, and execution of risk mitigation efforts. The ideal applicant will have some experience with vulnerability assessment and management in a large enterprise and also have an awareness of public cloud infrastructure.
The Daily
• Managing the security vulnerability lifecycle from detection through notification and closure.
• Proactively identifying security risk in public cloud infrastructure (e.g. public S3 buckets, permissive NACL's, etc.)
• Meets with a variety of stake holders to prioritize and remediate vulnerabilities
• Monitoring and reviewing Cloud vulnerability and compliance scan results as they related to our Host and Cloud plane footprints
• Perform research and analysis of scheduled and on demand cloud vulnerability assessments and post results
• Maintaining core body of knowledge relating to emerging cloud security risks and vulnerabilities.
• Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities
The Essentials
• 2+ years of information security experience or experience in a related field or equivalent educational experience
• Strong knowledge of Windows and one of the following operating systems; *NIX, OS X, iOS, etc.
• Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel) and other standard (Customer specified) applications.
• Excellent analytical and problem-solving skills
• Strong interpersonal, oral and written communication skills
• The personality traits, work habits, and social skills necessary to work effectively within a dynamic and highly operational broadcast environment
• Exemplary personal and professional integrity
• Ability to work in a team environment
• Ability to explain and quantify the risk of cloud vulnerabilities to a non-technical audience
• Some exposure to scripting and automation
• Certifications in related areas (e.g. SANS GPEN/GWAPT/GXPN, OSCP, CEH) are a plus
• An awareness of public cloud infrastructure
Jobcode: Reference SBJ-gx7kpz-54-158-138-161-42 in your application.