Threat and Vulnerability Analyst
ActiveCampaign is the marketing automation leader for small and mid sized businesses (SMB's) around the globe. Through a sophisticated yet easy-to-use platform and tools, we allow our customers to make meaningful connections to their customers. Often, we are the center of our customer's marketing strategies and critical to their success and future.
As the fastest-growing SaaS company in Chicago, we are scaling rapidly to keep up with market demand. We are growing all of our teams and looking for people who share our values, deliver innovation frequently and join us in our mission to grow our customer base from 75,000 today to millions.
At ActiveCampaign product is at our core and drives our business, and we’re looking for a self-motivated Threat and Vulnerability professional who understands the value of trust. Our customers trust us with their data and we are committed to continuously finding innovative ways to ensure that we are transforming, processing, and storing that data securely. The ideal candidate will take a pragmatic approach to developing a comprehensive Threat and Vulnerability management program that reduces the overall threat landscape of the organization.
What your day could consist of:
- Supports the Threat and Vulnerability Management (TVM) Team with reporting, management, and remediation of threats against the infrastructure and network of the entire organization
- Performs assessments and correlates vulnerability data, in order to quickly identify risks
- Recommends and tracks the application of fixes, security patches, and security updates
- Produces reports on patches, exploits, and vulnerabilities
- Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling
- Builds partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner
- Develops and improves metrics, and trending for vulnerability management functions
- Identifies and recommends appropriate measures to manage and remediate vulnerabilities, as well as reduces potential impacts on information resources to a level acceptable to senior management
- Perform security related audits such as SOC2
- Document security procedures and policies
What is needed:
- BS degree in a relevant IT security field/technology (or equivalent years of experience)
- Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting
- Experience with commercial vulnerability scanning tools i.e Nexpose, Nessus, and/or Qualys
- Excellent written and oral communications skills with a proven track record of taking initiative
- Minimum of 5 years of Linux/UNIX systems engineer & administrator experience
- Strong understanding of Ethernet, VLAN, IPv4/IPv6, ARP, DHCP, DNS, and other network protocols.
- Security+, GSEC, CISSP or similar security certifications are a bonus but not required
ActiveCampaign is an employee-first culture. We take care of our employees at work and outside of work. We'll share all the details later on but in summary: comprehensive health and welfare benefits including no premiums for employees, open time off plan, generous 401(k) matching with no vesting, lunch and endless snacks/ beverages, reimbursed commuting, education budgets, ongoing learning and development, a proactive approach to diversity and inclusion, career pathing and lots of swag.