Sr. Infrastructure Vulnerability Analyst - Cloud

Blue Yonder is seeking an Sr. Infrastructure Vulnerability Analyst with Cloud expertise who would be responsible for scanning the entire infrastructure of the organization and mitigating the risk. The candidate will be interacting with internal technology functions to ensure they are made aware and stay updated on Secure Architecture and controls. Candidate will be directly responsible for vulnerability management and threat management of Blue Yonder infrastructure and information assets.

Responsibilities

• Perform vulnerability scans and report findings for On-prem and Cloud network.
• Publish the vulnerability status reports to senior management and track remediation.
• Define and participate in implementation of On-prem and Cloud architecture and security controls.
• Proactive identification of threats and risk remediation.
• Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
• Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
• Participate in and assist with incident response team, as appropriate.
• Generate metrics for the Management as needed.
• Prepare system security reports by collecting, analyzing, and summarizing data and trends.

Qualifications

• 4-7 years of proven experience in Information security or Vulnerability Management or Penetration testing; a Master's degree can be substituted for 2 years of experience.
• Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials.
• Bachelor's degree in information security or Information Technology or Computer Science or related fields
• Deep and diverse experience architecting and implementing network security designs.
• Expert in network security, system security and endpoint security.
• Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.
• Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
• Proven experience with products dealing with vulnerability management services which include Retina, Qualys, Nessus, Nexpose, Burp, etc.
• Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).
• Excellent customer service including strong written and oral communication skills.
• Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
• Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
• Certifications such as OSCP, CEH, CISSP or equivalent.
• Results focused and attention to detail.
• Ability to work with globally dispersed teams.

*LI-CW1

Our Values

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours? Find out here: Core Values

Diversity, Inclusion, Value & Equality (DIVE) is our strategy for fostering an inclusive environment we can be proud of. Check out Blue Yonder's inaugural Diversity Report which outlines our commitment to change, and our video celebrating the differences in all of us in the words of some of our associates from around the world.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.