Vulnerability Management Analyst
At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.
Essential Duties and Responsibilities
- Perform comprehensive vulnerability assessments and continuous monitoring across the organization.
- Manage the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.
- Work with various different business units to perform vulnerability assessments on systems or applications before go live rollouts.
- Triage patch Tuesday releases and make recommendations on required remediations.
- Examine systems and applications to assess the current security posture.
- Manage vulnerability related tickets to ensure issues are remediated within proper timelines.
What You'll Need
Required
- Advanced knowledge of Server and client operating systems.
- Extensive experience with core vulnerability management scanners (e.g. Tenable, Nexpose, Qualys, etc.).
- Extensive experience with web application scanners (e.g. WebInspect, Netsparker, Burp, etc.).
- Ability to prioritize impactful vulnerabilities and reduce noise often associated with vulnerability tools.
- Experience working with Mac, Windows, Linux and/or other Unix-like variants.
- Thorough understanding of TCP, UDP, HTTP, IP and other network protocols.
- Understanding of how to triage vulnerabilities and validate tool findings before reporting them or taking action.
- Possess the ability to work independently.
- Proactive go getter attitude to solve challenging problems.
- Stays up to date with current vulnerabilities and vulnerability related news in various industries.
Preferred
- Ability to automate and script tasks using your preferred language (e.g. GoLang, Python, Ruby, Perl, BASH)
- Ability to utilize and write scripts against common web APIs (REST, SOAP).
- Knowledge of cloud platforms and highly concurrent systems.
- Experience in regulated environments (FedRAMP, SOX, etc)
- You’re a clear thinker and efficient communicator (i.e written and verbal).
Education/Certifications
- Technical security certifications or academic background a plus.
#LI-NT1
Benefits of Working at CrowdStrike:
- Market leader in compensation and equity awards
- Competitive vacation policy
- Comprehensive health benefits + 401k plan
- Paid paternity and maternity leave, including adoption
- Flexible work environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.