Vulnerability Management Consultant
What We'll Bring
The TransUnion Cyber Security program seeks a Consultant to join the Vulnerability Threat Management team and help in leading a Global effort whose goal is to proactively reduce the overall attack surface. The ideal candidate will collaboratively execute on core services that are essential to securing Transunion’s business.
The ideal candidate will have knowledge and experience with vulnerability management processes, vulnerability and policy configuration scanning and network security. Along with technical knowledge, attention to detail and follow-up are essential to succeeding in this role.
The role will provide technical expertise across the vulnerability management lifecycle including asset management, scanning, analysis and reporting. The role will advise support teams on patching and remediation efforts and provide regular updates to management.
**This is 100% remote**
What You'll Bring
The candidate must have a well-rounded knowledge of vulnerabilities and threats with focused understanding of modern trends of application as well as system and network related vulnerabilities such as:
Working knowledge of vulnerability management and security testing lifecycles, processes and procedures
Fundamental understanding of accepted security practices, known attack vectors and vulnerability assessment methodologies
Strong understanding of network protocols (TCP/IP, DHCP, DNS, TCP, UDP, etc.)
Basic knowledge of network access and identity and access management
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data
Experience working in a team-oriented, collaborative environment requiring analytical and problem-solving skills
Ability to operate with minimal oversight in a fast-paced and, at times, nuanced environment
Strong foundational knowledge in software security and OWASP Top 10
Knowledge of cloud security fundamentals
Familiar with network technologies, development methodologies and experience with one or more programming languages-Ability to automate repeatable tasks
Familiarity with Vulnerability tools such as, Rapid7, Tanium, Sysdig, and SSDLC tools Checkmarx, Burp, AppScan, and BlackDuck, Seeker
Strong verbal and written communication skills
We’d love to see:
Experience with –AWS, Python, Containers and Orchestration, Splunk
Bachelor’s degree in Computer Science, Information Systems Management or equivalent experience
Willingness to work with multi-faceted and diverse teams
Think, plan and deliver out of the box projects
Generate valuable metrics and hence follow a data driven approach to security
Impact You'll Make
Impact You’ll Make:
Conduct research on current vulnerabilities and exploits using publicly available, trusted resources and other finished vulnerability products
Implement and utilize a combination of automated tools and manual checks to identify and validate vulnerabilities
Effectively communicate the risks associated with identified vulnerabilities and provide recommendations to mitigate said risks
Collaborate with various development and IT teams to help ensure designs and implementations meet specified security standards
Identify gaps in current vulnerability management processes and recommend areas for improvement