Attack Surface Management Analyst - 845
About The Position
The Attack Surface Management Analyst, reporting to the Director of Security Architecture & Assurance, is responsible for developing and executing the Attack Surface Management & Vulnerability Management Program at Quantinuum. This program will encompass the identification of security defects across the environment, coordination of remediation activities with system owners, and ongoing communication and reporting of risk status. This position will work closely with other security teams, along with IT and infrastructure teams, and product teams. This role will also work to coordinate 3rd party penetration tests.
Requirements
- High School Diploma/ GED minimum required
- Minimum 5+ years of experience in systems development, infrastructure management or cyber security required
- Due to Contractual requirements, must be a U.S. Person defined as, U.S. citizen permanent resident or green card holder, workers granted asylum or refugee status.
- Due to national security requirements imposed by the U.S. Government, candidates for this position must not be a People's Republic of China national or Russian national unless the candidate is also a U.S. citizen.
Nice To Haves
- Strong knowledge of networking and endpoint infrastructure, with basic knowledge of application development processes or penetration testing.
- Proven ability to communicate effectively and work collaboratively amongst multiple disciplines and organizations
- Excellent communication, analytical, and relationship-building skills.
- Knowledge or experience with vulnerability scanning and reporting tools (specifically Qualys and BitSight), methods and processes
- Ability to write custom programs or scripts (or modify existing code as necessary)
Responsibilities
- Build Vulnerability Management solution
- Build and deploy vulnerability management solutions, including infrastructure and any necessary agents or services.
- Identify & report security defects
- Configure and execute scans to identify security defects.
- Prioritize the remediation timelines of security defects based on overall risk.
- Prepare and communicate risk reports.
- Identify and work with stakeholders to address security defects
- Work with system and application owners on identifying and building processes to operate the program effectively, tracking within manageable tolerances.
- Liaise with vendors and suppliers as necessary for remediation activities if none are provided by scanning vendor(s), or if the solution provided by the scanning vendor(s) is otherwise untenable.
- Validate security defects are remediated satisfactorily
- Create and report metrics to show the effectiveness of the overall program
Benefits
- Flexible work schedule
- Employer subsidized health, dental, and vision insurance
- 401(k) match for student loan repayment benefit
- Equity, 401k retirement savings plan + 12 Paid holidays and generous vacation + sick time
- Paid parental leave
- Employee discounts
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
