Cyber Security Vulnerability Analyst (Remote Okay) – NBCUniversal – Philadelphia, PA Remote
The successful candidate will be joining NBCUniversal at an exciting time where it is transforming from an operational, tool-based cyber defense program to intelligence and threat-based organization. The vulnerability management team is no different; growing and transforming to a service offering for the entire company and partnering with the rest of the Cyber Security organization to shape the future of cyber defenses at NBCUniversal.
The successful candidate will be expected to ‘think like an adversary’, pulling from their diverse background and knowledge of IT, to identify, assess, prioritize and communicate vulnerabilities and threats across the systems and applications making up the NBCUniversal IT ecosystem.
This position is a remote position; however, prefer candidate resides in the East Coast or Central time zone.
- Primary responsibility will be to support Vulnerability Management Team at NBC Universal within the Operations Group. Operational responsibilities will include the following:
- Monitoring VM mailbox for customer requests
- Using ServiceNow Ticketing tool to create tickets for all customer requests and track work in this tool
- Configuring VM scans based on customer requirements and VM procedures
- Providing scan reports
- Configuring and executing validation scans
Additional Responsibilities to include:
- Research vulnerabilities in software, firmware, and devices, and modern exploits and exploitation techniques in the following areas: Microsoft platform (Server, workstation, applications), Open Systems platforms (Linux, UNIX, VM Ware ESX), Java, Adobe, Web Application, Java web app virtualization platforms (e.g. WebSphere), Networking, Databases (Oracle, SQL Server, DB2, IMS), and others.
- Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood, and impact
- Assists in designing correction plans, mitigations, and full remediation actions
- Understand and communicate attack chains to management and other stakeholders
- Collaborate with infrastructure and application owners on security hot-fixes or patch management validation
- Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company
- Support the cyber incident response team in specified vulnerability discovery and identification tasks during crisis management.
- Coordinate with stakeholders to develop requirements for service enhancements
- 1-2+ years operational experience with the Qualys Vulnerability Scanning Application
- 3-5+ years of experience in either vulnerability management or related information security field
- Experience in threat and vulnerability management, security operations
- Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
- Advanced experience with vulnerability scanning tools (Qualys preferred) and other vulnerability management tools
- Demonstrate knowledge of networking concepts and devices (Firewalls, Routers, Switches, and Load Balancers)
- Demonstrate an understanding of network and web-related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Experience developing and improving KPIs, metrics, and trending for vulnerability management functions
- Understanding of how applications, networking, operating systems, and databases work
- Intellectual capability and curiosity to learn complex processes.
- Highly collaborative; personally, and professionally self-aware; able to and interested in interacting with employees at all levels; embody integrity, and represent and inspire the highest ethical standards.
- Strong sense of urgency and commitment, as well as sound business sense with a strategic, conceptual, and operational orientation
- Experience advising on technical related issues
- Passion for and interest in the media and entertainment industry highly desired
- Flexible, organized, and passionate about advanced cyber security
- Great interpersonal skills and love for a team environment
Sub-Business: Cyber Security
Career Level: Experienced
City: See List Below
State/Province: Multiple Locations
Country: United States
Multiple Locations: Englewood Cliffs – New Jersey, Philadelphia – Pennsylvania, Universal City – California
NBCUniversal owns and operates over 20 different businesses across 30 countries including a valuable portfolio of news and entertainment television networks, a premier motion picture company, significant television production operations, a leading television stations group, world-renowned theme parks and a premium ad-supported streaming service.
Here you can be your authentic self. As a company uniquely positioned to educate, entertain and empower through our platforms, Comcast NBCUniversal stands for including everyone. We strive to foster a diverse and inclusive culture where our employees feel supported, embraced and heard. We believe that our workforce should represent the communities we live in, so that together, we can continue to create and deliver content that reflects the current and ever-changing face of the world. Click here to learn more about Comcast NBCUniversal’s commitment and how we are making an impact.
NBCUniversal’s policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.