Cyber Security Vulnerability Assessment Analyst - Career

The Cyber Security Vulnerability Assessment Analyst role is an individual contributor role to support a global program to actively identify and remediate network and system vulnerabilities across Equifax. The Cyber Security Vulnerability Assessment Analyst is responsible for ensuring that the vulnerability assessment program covers all Equifax assets, reporting results in a timely manner to IT groups and advising IT groups on remediation. As part of the Global Security Organization, you will need to develop strong relationships within Security and with IT globally in order to successfully execute the vulnerability assessments.

• This position does not offer immigration sponsorship (current or future) including F-1 STEM OPT extension support.

• This position can be based in Alpharetta, GA, Atlanta (midtown), GA, OR Saint Louis, MO. This resource should be local to one of these locations and will be required to work from one of those locations.

• Corporate Return To Office expectations: Onsite weekly requirements each Tuesday, Wednesday, and Thursday each week.

• Due to the nature of service management / security based positions, this role will require additional onsite responsibilities during the week (Monday and / or Friday) as needed, occasional work outside normal business hours, & possible travel (10% or less), due to the nature of investigations responsibilities.

What you’ll do

• Plan and execute vulnerability assessments across Equifax globally

• Deliver timely reports in line with security standards to IT teams with clear indications of remediation needs

• Use manual testing techniques and methods to gain a better understanding of the environment and validate false negatives/positives

• Identify gaps and areas of improvement for process and recommendations to fill those gaps or implement change

• Promotes and facilitates effective communication between the Information System, Security Engineering, Architecture, IT Operations and other departments and or business units.

• Maintains vulnerability management systems

What experience you need

• Minimum of a Bachelor’s degree or equivalent work experience

• Minimum of 5 years technology and/or security experience with emphasis in roles that required vulnerability assessments, patch management, pen testing, or other related skill sets.

• Working knowledge of multiple operating systems (Windows, Linus, AIX, UNIX, etc.) and server hardening processes

• Experience conducting internet searches/sourcing to find information on vulnerability remediation and manual vulnerability validation

• Will have a fundamental foundation or understanding of network design and architecture and TCP/IP / OSI models

• Has worked in regulated work environments and has been exposed to regulatory requirements such as: PCI, SOX, HIPAA, ISO 27002 standards, etc

What could set you apart

• College degree (BS/BA) preferred

• CISSP certification preferred

• Bi-lingual (Spanish and/or Portuguese preferred)

• Cloud environment experience (Google and/or AWS preferred)

• Knowledge and experience with vulnerability scanning solutions such as Qualys, Rapid7, Nexpose, and InsightVM.

• Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)

• Knowledge and experience with automation or scripting in tools such as GitHub, XSoar, Jenkins, etc.

• Ability to translate complex technical issues into common language

• Willingness to learn new technologies rapidly and remain at the cutting edge of technologies

• Outstanding team player but can work independently when required

• Considerable writing proficiency and visual design skills, oral presentation skills, problem solving and decision-making skills.

• Customer Focused. Ability to deal effectively with a wide range of vendors, service providers, and regulatory agencies

#LI-Hybrid

#LI-JC2