Threat and Vulnerability Analyst
ActiveCampaign is one of the fastest growing tech companies in Chicago revolutionizing marketing automation. Our software allows all of our users, the power to make smarter business decisions based on data-driven analytics.
At ActiveCampaign product is at our core and drives our business, and we’re looking for a self-motivated Threat and Vulnerability professional who understands the value of trust. Our customers trust us with their data and we are committed to continuously finding innovative ways to ensure that we are transforming, processing, and storing that data securely. The ideal candidate will take a pragmatic approach to developing a comprehensive Threat and Vulnerability management program that reduces the overall threat landscape of the organization.
What your day could consist of:
- Supports the Threat and Vulnerability Management (TVM) Team with reporting, management, and remediation of threats against the infrastructure and network of the entire organization
- Performs assessments and correlates vulnerability data, in order to quickly identify risks
- Recommends and tracks the application of fixes, security patches, and security updates
- Produces reports on patches, exploits, and vulnerabilities
- Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling
- Builds partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner
- Develops and improves metrics, and trending for vulnerability management functions
- Identifies and recommends appropriate measures to manage and remediate vulnerabilities, as well as reduces potential impacts on information resources to a level acceptable to senior management
- Perform security related audits such as SOC2
- Document security procedures and policies
What is needed:
- BS degree in a relevant IT security field/technology (or equivalent years of experience)
- Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting
- Experience with commercial vulnerability scanning tools i.e Nexpose, Nessus, and/or Qualys
- Excellent written and oral communications skills with a proven track record of taking initiative
- Minimum of 5 years of Linux/UNIX systems engineer & administrator experience
- Strong understanding of Ethernet, VLAN, IPv4/IPv6, ARP, DHCP, DNS, and other network protocols.
- Security+, GSEC, CISSP or similar security certifications are a bonus but not required
We continually invest in our employees and offer comprehensive benefits including 100% coverage of your medical premiums and 50% for dependents, open vacation policy, fully paid maternity and paternity leave, 401k matching, catered lunches every day in a kitchen stocked with snacks and fresh fruit, free CTA or Metra passes, and a DIVVY bike membership (to name a few).
At ActiveCampaign, we are committed to maintaining a culture that is inclusive and diverse. Our colleagues foster an environment that is warm, supportive, and helpful where we treat each other exceptionally well. We are looking to add curious, driven, and creative individuals to our team who are ready to grow with us!
Read Full Job Description