Attack Surface Management (ASM) Senior Analyst
About The Position
The Attack Surface Management (ASM) Senior Analyst independently leads programs, projects, and operational initiatives to manage technical risk at scale across Best Buy. This role partners with IT and business stakeholders to collect, analyze, and communicate vulnerability and configuration risk data, translating findings into clear reporting and metrics that inform risk posture and decision‑making. The Senior Analyst ensures services are delivered effectively, manages stakeholder expectations, and contributes to continuous improvement of technical risk management processes. They mentor and support analysts, help maintain dashboards and reporting artifacts, and adapt quickly to evolving tools, technologies, and processes. A strong foundation in security, vulnerability and configuration risk, and an understanding of key business systems are essential for success. This role is hybrid, which means you will work some days at our corporate office in Richfield, Minnesota, and some days virtually from home or another non-Best Buy location. The specific work arrangements vary by role and team. The recruiter or hiring manager will provide more details during the hiring process.
Requirements
- 2 or more years of experience in cybersecurity or information security, including exposure to application security, secure coding practices, or other security-related technologies or processes.
- 2 or more years of experience with Windows, Linux, Unix, and/or mobile platforms
- 1 or more years of contributing to the successful operation of IT, security or risk programs through issue management, activity oversight, reporting, and cross‑functional coordination
- Strong written and verbal communication skills
Nice To Haves
- 2 or more years of experience supporting application or software security processes, including identification and remediation of security concerns.
- 2 or more years of experience implementing or maintaining secure configuration standards across systems or platforms.
- 1 or more years of experience designing, improving, or optimizing web applications.
- Hands‑on experience with cloud platforms and awareness of common security risks and control mechanisms.
- Experience working with containerized environments and understanding associated security controls and risks.
Responsibilities
- Analyze security and operational data to identify risks, prioritize issues, and support data‑driven recommendations.
- Partner with cross‑functional teams to coordinate responses, support secure system practices, and improve risk management processes.
- Develop and maintain documentation, reports, and templates that communicate security and compliance insights to stakeholders.
- Support and improve security, risk, and compliance workflows through process evaluation, documentation, and training.
- Monitor ongoing activities, identify gaps or improvement opportunities, and communicate findings and solutions to leadership.
Benefits
- Competitive pay
- Generous employee discount
- Physical and mental well-being support
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
Number of Employees
5,001-10,000 employees
