Attack Surface & Vulnerability Analyst

Attack Surface & Vulnerability Management (ASVM) Analysts support Regeneron's ASVM capability to identify, assign, and validate remediation of compute environment vulnerabilities and misconfigurations. This encompasses Regeneron’s on-prem, hybrid, and multi-tenant cloud environments. This position supports and enables Regeneron’s, global (US (United States), EU (European Union), APAC) Science to Medicine business objectives through enriching the cybersecurity defense posture. ASVM Analysts focus on cybersecurity attack surface management, vulnerability identification, security control and visibility gap coverage, facilitate priority-based patching, validate remediation effectiveness, and support the tooling enabling the discovery mechanisms. Operational requirements include leveraging ASVM and information technology service management (ITSM) platforms to provide visibility, quantification, and accountability for remediation efficacy. This includes the utilization of reporting, executive summaries, and real-time dashboards. As an Analyst, a typical day may include: Manage cybersecurity vulnerabilities and risks across Regeneron including identifying and supporting application and system owners to manage risks and remediate vulnerabilities. Conduct vulnerability and security compliance assessments of scans of servers, websites, workstations, serverless technology, network devices, cloud infrastructure, and other assets using various vulnerability management platforms and tools. Create/edit/analyze enterprise cybersecurity policies and configurations to evaluate compliance with regulations and enterprise policies and standards. Collection, reporting, and metrics generation for multiple cyber ASVM datasets. This includes patching efficiency, identifying system misconfigurations, and security hygiene assessments. Support the process of Security Compliance assessments of systems and multi-tenant cloud services, leveraging industry best practices, to include, Center for Internet Security (CIS) hardening guidelines Analysis and monitoring of cybersecurity feeds, cyber threat intelligence, and open-source intelligence on trending vulnerabilities and exploits. Partner with IT service providers to operate, maintain, and enhance ASVM platforms. This includes native Operating System, cloud security, and data aggregation platforms To be considered for this role, you must meet the following: Knowledge, proven ability, and skills in defense-in-depth security control coverage and vulnerability assessment, prioritization, assignment, validation, and tracking. ASVM/ASM focused Cybersecurity tool familiarity E.g., CAASM (Cyber Asset Attack Surface Management), EASM (External Attack Surface Management), RBVM (Risk Based Vulnerability Management), CNAPP (Cloud Native Application Protection Platform), EDR (Endpoint Detection and Response), etc. Familiarity with CIS Security Controls, MITRE ATT&CK Framework Working knowledge of multi-tenant cloud environments (AWS, Azure, GCP), vulnerability mitigation techniques, and system hardening. Collaboration Collaborate and partner with cross-departmental peers (technical and non-technical) to report, synthesize, and prioritize vulnerabilities and threats based on contextual assets and relationship data. Innovation Leverage industry and compute environment data to assess current and alternative technical solutions and processes for continuous enhancement and issue resolution.