Infosec Vulnerability Metrics And Data Analyst

Summary

Join Experian's Cloud and Application Attack Surface Management team as an InfoSec Vulnerability Metrics & Data Analyst. You will provide data-driven insights to enhance our security strategy and vulnerability management. Responsibilities include developing vulnerability management metrics, creating reports and dashboards, communicating findings to stakeholders, and automating data collection and analysis. You will work with various tools and technologies to aggregate vulnerability data and present risk. This role requires a Bachelor's degree in Computer Science or a related field, or equivalent experience, along with expertise in data analysis tools and vulnerability management. The position offers a competitive compensation package, comprehensive benefits, and a flexible work environment.

Requirements

• Bachelor's degree in Computer Science or a related field, or 5+ years of equivalent work experience in Cyber Security/Information Security and Vulnerability Management reporting
• Experience with tools such as SQL, Tableau, PowerBI, and Excel
• Experience in ServiceNow query and report development
• Experienced with collaboration tools such as ServiceNow and Confluence
• Understanding of the end-to-end security metrics process, including metrics collection, tracking, and reporting
• Understanding of Common Vulnerability Scoring System (CVSS), including calculations and implications of base, temporal, and environmental scoring factors
• Experience collecting, analyzing, and interpreting qualitative and quantitative data from several sources to detail results and analyze findings to provide threat intelligence
• Familiarity with architecture, engineering, and operations of one or more vulnerability management tools, such as Wiz, Qualys, Rapid7, and ServiceNow
• Knowledge of major cloud platforms (AWS, Azure, or GCP)
• A broad understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies

Responsibilities

• Guide the development of vulnerability management metrics, gathering feedback and sharing metrics with senior leaders
• Evaluate and define functional requirements for vulnerabilities, flaws, and misconfiguration metrics
• Develop, maintain, and run advanced reporting, dashboard, and scorecard results
• Communicate metrics to system owners and partners on outstanding vulnerabilities, issues, and concerns
• Develop and automate vulnerability metrics with specific procedures for data collection, analysis, and charting, partnering with necessary teams
• Determine requirements for technical solutions and tools to implement Vulnerability Metrics
• Develop vulnerability KPIs and metrics to demonstrate coverage and remediation effectiveness
• Develop program efficacy metrics to support platform stability and improvements
• Review business and internal requests for new or vulnerability management reporting, design the solution, and develop metrics
• Work with stakeholders to identify risk-based vulnerability management metrics that align with the security program and security risk management
• Develop procedures to structure the metrics and reporting framework as part of a long-term strategy
• Produce scoping documents outlining the requirements for business requests
• Provide recommendations based on data analysis and findings related to vulnerability management processes
• Aggregate vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpret and present risk

Benefits

• Great compensation package and bonus plan
• Core benefits including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remotely, hybrid, or in-office
• Flexible time off including volunteer time off, vacation, sick, and 12-paid holidays