Threat & Vulnerability Analyst-2

Regeneron is founded on the belief that the right idea combined with the right team can lead to significant transformations. Our growing global network is dedicated to inventing developing and commercializing medicines that change lives for those with serious diseases. In doing so we are pioneering innovative approaches to science manufacturing and commercialization as well as redefining our understanding of health.

TVM Analysts focus on cybersecurity vulnerability identification facilitate prioritybased patching and validate remediation efficiency. Operational requirements include leveraging TVM and information technology service management (ITSM) platforms to provide transparency quantification and accountability for remediation efficacy. This includes the utilization of reporting executive summaries and realtime dashboards. Additional responsibilities include chipping in to cybersecuritys strategic maturity roadmaps collection and analysis of cyber vulnerability intelligence IT and business unit partnership.

A typical day might include the following:

• Manage cybersecurity vulnerabilities and risks across Regeneron including identifying supporting application and system owners to manage risks and remediate vulnerabilities.

• Conduct vulnerability assessments of scans of servers websites workstations serverless technology network devices cloud infrastructure and other assets using various vulnerability management platforms and tools.

• Analyze enterprise cybersecurity policies and configurations to evaluate compliance with regulations and enterprise policies and standards.

• Assist with selection of industry best of breed cybersecurity controls to mitigate risk

• Collection reporting and metrics generation for multiple cyber TVM datasets. This includes patching efficiency identifying system misconfigurations and security hygiene assessments.

• Support the process of Security Compliance assessments of systems and multitenant cloud services using industry standard processes to include Center for Internet Security (CIS) hardening guidelines

• Analysis and monitoring of cybersecurity feeds cyber threat intelligence and opensource intelligence on trending vulnerabilities and exploits.

• Partner with IT service providers to operate maintain and enhance TVM platforms. This includes native Operating System cloud security and data aggregation platforms

• Collaborate and partner with crossdepartmental peers (technical and nontechnical) to report synthesize and prioritize vulnerabilities and threats based on contextual assets and relationship data.

• Leverage industry and compute environment data to assess current and alternative technical solutions and processes for continuous enhancement and issue resolution.

• Supports and enables Regenerons global (US (United States) EU (European Union) APAC) Science to Medicine business objectives through enriching the cybersecurity defense posture.

• Support Regenerons TVM capability to identify assign and validate remediation of compute environment vulnerabilities. This encompasses Regenerons onprem hybrid and multitenant cloud environments.

This job might be for you if you:

• Possess a Bachelors Degree and 2 years of relevant experience into Threat and Vulnerability

• Knowledge proven track record and skills in vulnerability assessment prioritization assignment validation and tracking.

• Experience and working knowledge of vulnerability management tools such as Nmap Qualys Tenable Nessus Microsoft Defender Wiz Rapid7 AWS Inspector Orca.

• Familiarity with OWASP (Open Web Application Security Project) Top 10 CIS Security Controls MITRE ATT&CK Framework

• Solid understanding of multitenant cloud environments (AWS Azure GCP) vulnerability mitigation techniques and system hardening.

• Proven threat and vulnerability assessment skills or knowledge gained through experience or academia.

• Ability to understand threat modeling and apply technical administrative and security control risk mitigation.

• Organized reliable detail oriented.

• Proven or conceptual abilities to navigate levels through thought equity.

• Cybersecurity tool familiarity. E.g. SIEM (Security Information and Event Management) IDS/IPS Email Protection Firewalls DLP (Data Loss Prevention) EDR (Endpoint Detection and Response) etc.

• Experience gained through a sophisticated organization and managed security providers and vendors.

• Excellent problemsolving skills and attention to detail.

• Demonstrable experience in customer service communication and relationship building.

• Ability to work independently and as part of a team.

• CISSP CEH Security Network or equivalent are preferred.

Connect with us so we can learn more about you and you can learn more about our medicines. And join us in crafting the future of healthcare.

Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race color religion or belief (or lack thereof) sex nationality national or ethnic origin civil status age citizenship status membership of the Traveler community sexual orientation disability genetic information familial status marital or registered civil partnership status pregnancy or parental status gender identity gender reassignment military or veteran status or any other protected characteristic in accordance with applicable laws and regulations. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application process. Please contact us to discuss any accommodations you think you may need.

Does this sound like you Apply now to take your first step towards living the Regeneron Way! We have an inclusive and diverse culture that provides comprehensive benefits which often include (depending on location) health and wellness programs fitness centers equity awards annual bonuses and paid time off for eligible employees at all levels!

Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race color religion or belief (or lack thereof) sex nationality national or ethnic origin civil status age citizenship status membership of the Traveler community sexual orientation disability genetic information familial status marital or registered civil partnership status pregnancy or parental status gender identity gender reassignment military or veteran status or any other protected characteristic in accordance with applicable laws and regulations. The Company will also provide reasonable accommodation to the known disabilities or chronic illnesses of an otherwise qualified applicant for employment unless the accommodation would impose undue hardship on the operation of the Companys business.

For roles in which the hired candidate will be working in the U.S. the salary ranges provided are shown in accordance with U.S. law and apply to positions. For roles which will be based in Japan and/or Canada the salary ranges are shown in accordance with the applicable local law and currency. If you are outside the U.S Japan or Canada please speak with your recruiter about salaries and benefits in your location.

Please note that certain background checks will form part of the recruitment process. Background checks will be conducted in accordance with the law of the country where the position is based including the type of background checks conducted. The purpose of carrying out such checks is for Regeneron to verify certain information regarding a candidate prior to the commencement of employment such as identity right to work educational qualifications etc.