Information Security Analyst

Summary

Join Netskope as an Information Security Analyst on the Threat and Vulnerability Management team. This position will focus on identifying and mitigating security threats, performing vulnerability management, and supporting business units in their remediation efforts.

Requirements

• 1- 3 years of experience in Security
• Must have knowledge with tools Tenable, Qualys, NMAP, SCAPY, and other tools
• Must have the ability to understand hardening guidelines for new technologies and applications being adopted by Netskope
• Understanding of containerization and containerized applications, their security weaknesses and how to secure them
• Must have an understanding of patch automation, security orchestration, and management tooling for on premise, private cloud, and cloud infrastructure
• Knowledge of OWASP Web and Mobile Top 10 vulnerabilities and identifying them
• Knowledge of TCP/IP and other application and network level protocols
• Knowledge of Cloud Applications like AWS, Azure and other SAAS Applications
• Excellent written and verbal communication skills
• Self-motivated, curious, knowledgeable pertaining to news and current events
• Ability to be effective in a remote global work environment
• Education: Bachelor’s degree/ relevant university degree and/or professional qualifications/certification (e.g. CEH, OSCP)

Responsibilities

• Monitor, analyze, and triage security events to ensure we maintain a strong security posture
• Provide Incident Response support when actionable security incidents are identified
• Evaluate and leverage security-focused products (such as application security scanners, endpoint security, vulnerability management, data loss prevention, etc.)
• Support and monitor access control management solutions and processes
• Perform 3rd party security assessments for new and renewing vendors
• Work with the business on customer security assessments and questionnaires
• Conduct security architecture reviews to assess technical and business risk; recommend ways to improve and update the security posture
• Work closely with the IT teams to review configurations, hardening and controls in diverse environments
• Maintain strong knowledge of recent security vulnerabilities, attack vectors, attack methods, and remediation techniques
• Develop security standards and best practices for the whole organization