Security Vulnerability Analyst
Job Summary
- Work with infrastructure application and cloud teams to assess and maintain the usability and efficacy of vulnerability reporting.
- Assist in prioritizing remediation efforts using frameworks such as CVSS EPSS and organizational risk criteria.
- Work with infrastructure application and cloud teams to coordinate vulnerability remediation and verify fixes.
- Advise on the feasibility of remediation efforts within established service-level agreements (SLAs).
- Monitor emerging vulnerabilities zero-day threats and vendor security advisories.
- Produce reports and dashboards that communicate vulnerability trends risk metrics and remediation status to technical teams and leadership.
- Assist with vulnerability exception reviews and risk acceptance documentation.
- Maintain vulnerability management processes documentation and standard operating procedures.
- Support compliance initiatives including PCI DSS ISO 27001 SOC 2 NIST HIPAA or CIS Controls as applicable.
- Participate in incident response by providing vulnerability analysis and remediation recommendations when needed.
- Recommend security reporting improvements that reduce recurring vulnerabilities and improve overall security posture.
Qualifications :
- Bachelors degree in Cybersecurity Information Technology Computer Science or equivalent experience.
- 25 years of experience in vulnerability management cybersecurity or information security.
- Experience with vulnerability management tools such as:
- Tenable Nessus
- Qualys VMDR
- Rapid7 InsightVM
- Microsoft Defender Vulnerability Management
- Axonius
- Panaseer
- Understanding of:
- CVSS scoring
- CWE
- CVE
- MITRE ATT&CK Framework
- OWASP Top 10
- Common operating systems (Windows Linux macOS)
- Cloud platforms (AWS Azure or GCP)
- Understanding of patch management cycles and how they tie to remediation SLAs.
- Ability to analyze technical data and communicate risk effectively to both technical and non-technical stakeholders.
- Strong analytical documentation and problem-solving skills.
- Experience working across security domains (vuln management plus possibly identity endpoint or compliance metrics) is a plus.
Additional Information :
Preferred Qualifications
- Security certifications such as:
- CompTIA Security
- CySA
- GSEC
- CISSP
- GIAC certifications
- Experience with scripting using PowerShell Python or Bash.
- Familiarity with SIEM EDR and SOAR platforms.
- Experience working in Agile or DevSecOps environments.
- Knowledge of vulnerability prioritization using threat intelligence and exploit data.
Our uniqueness is that we celebrate yours. Experians people first inclusive and purpose driven culture is multi award-winning; Worlds Best Workplaces 2025 (Fortune Global Top 25) Great Place To Work in 26 countries to name a few. Check out Experian Life on social or explore our Careers Site to understand why. Experian is also proud to be an Equal Opportunity and Affirmative Action employer. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.
Recruitment Fraud Awareness - Experians recruitment process is conducted only through authorised channels. Recruitment communications will only be sent from an @ email address. Experian will never ask candidates to make any payment as part of an application interview assessment onboarding or recruitment process. To apply for roles or verify opportunities please visit Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
Remote Work :
No
Employment Type :
Full-time
About Company
Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, ... View more