Attack Surface Management Engineer
1 week ago
Job Description
Description
The Attack Surface Management engineer is responsible for activities related to Attack Surface Management, with the goal to ensure comprehensive visibility of Experian's attack surface and vulnerabilities.
Reporting Relationship
Reports to the Director Attack Surface Mgmt
Functions
Follows Attack Surface Mgmt processes to continuously monitor and improve visibility of the attack surface in order to detect anomalies faster and reduce incidences of cyber-attacks Perform verification/validation testing for vulnerabilities in external-facing web sites, web applications, and services; demonstrate exploitation steps and verify remediation/fixes Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques Engage with business stakeholders to ensure they fully understand their Attack Surface, and helps them identify prioritization of vulnerabilities Develops vulnerability KPIs/metrics to demonstrate coverage and remediation effectiveness Execute daily operations of the Attack Surface Mgmt program, including the interpretation of scanning results Asist in the identification of internal and external risks based on scanning results Assist in the attribution of findings to appropriate business owner Identify improvements to scan coverage Coordinate with IT and geographically dispersed business units vulnerability remediation and mitigation strategies Assist in the documentation and standardization of process and procedures related to Attack Surface Mgmt Aggregating vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpreting and presenting risk.Responsibilities/Requirements
Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws Understanding of common web application frameworks and web-based APIs Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc. In-depth knowledge of architecture, engineering, and operations of one or more vulnerability management tools, such as Wiz, Qualys, Rapid7 and ServiceNow. Solid understanding of the application of the following frameworks and how they are applied to identifying and rating risk: OWASP, SANS, NIST, CIS, and MITRE ATT&CK. Ability to provide creative solutions to complex problems Ability to clearly communicate risk of vulnerabilities to all levels within an organization. Knowledge of major cloud platforms (AWS, Azure, or GCP). Knowledge of systems hardening and other risk mitigation factors on multiple technologies and operating systems (Window, Linux, Mac, routers, switches, Kubernetes). Certification that could be helpful but not required: CISSP, Security+, CEH, GIAC certifications. Ability to manage, organize, analyze, and present substantial amounts of data Experience selecting and deploying productPosition Requirements
Formal Education & Certification
Four-year college diploma or university degree in computer science or computer engineering, and/or 3 years equivalent work experience.Qualifications
Position Requirements
Formal Education & Certification
Four-year college diploma or university degree in computer science or computer engineering, and/or equivalent work experience.Knowledge & Experience
experience in information security vulnerability management role Experience with large scale and complex environments A broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies Applied knowledge and experience in cybersecurity, technology infrastructure, vulnerability management and security and controls Excellent interpersonal skills and strong verbal and written communication An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood and actionable manner Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously Proactive attitude, seeking for improvement opportunities which can positively impact the security posture and the businessPersonal Attributes
Excellent oral and interpersonal communication skills Outstanding writing and documentation skills Able to communicate ideas in both technical and user-friendly language Highly self-motivated and directed, with keen attention to detail Able to prioritize and execute tasks in a high-pressure environment Experience working in a team-oriented, collaborative environment Willing to travel globally as requiredAdditional Information
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
-
Sales Executive
1 week ago
Hyderabad, Telangana, India Neon Attack Full timeCompany DescriptionNeon Attack is the No.1 LED neon sign brand in India, based in Hyderabad. We specialize in creating fully custom neon signs for homes, businesses, and events. Our goal is to light up the world with epic LED neon signs that bring joy and creativity to any space.Neon Attack is a dynamic and innovative brand specializing in crafting custom...
-
Sales Executive
1 week ago
Hyderabad, Telangana, India Neon Attack Full timeCompany DescriptionNeon Attack is the No.1 LED neon sign brand in India, based in Hyderabad.We specialize in creating fully custom neon signs for homes, businesses, and events.Our goal is to light up the world with epic LED neon signs that bring joy and creativity to any space.Neon Attack is a dynamic and innovative brand specializing in crafting custom LED...
-
Social Media Marketing Specialist
1 week ago
Hyderabad, Telangana, India Neon Attack Full timeCompany DescriptionNeon Attack is the No.1 neon sign brand in India, specializing in fully custom LED neon signs for homes, businesses, and events. We are known for our epic creations that light up the world and provide a unique and vibrant touch to any space.Role DescriptionThis is a full-time on-site role for a Social Media Marketing Specialist in...
-
Penetration Tester
1 week ago
Hyderabad, Telangana, India NopalCyber Full timeJob Statement: Nopal Cyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant.Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense.AI-driven...
-
Penetration Tester
1 week ago
Hyderabad, Telangana, India NopalCyber Full timeJob Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven...
-
Assistant Vice President Operations
1 week ago
Hyderabad, Telangana, India NopalCyber Full timeJob Statement:NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant.Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense.AI-driven...
-
Infrastructure Vulnerability Mgmt.
1 week ago
Hyderabad, Telangana, India Alignity Solutions Full timeDo you love a career where you Experience , Grow & Contribute at the same time, while earning at least 10% above the market? If so, we are excited to have bumped onto you. Learn how we are redefining the meaning of work , and be a part of the team raved by Clients, Job-seekers and Employees. Jobseeker Video Testimonials Employee Glassdoor Reviews If you...
-
Lead Engineer
1 week ago
Hyderabad, Telangana, India Orica Full timeAbout OricaAt Orica, it's the power of our people that leads change and shapes our futures. Every day, all around the world, our people help mobilise vital resources essential to progress. Established in 1874, we have grown to become the world leader in mining and civil blasting with a diverse of team of more than 13,000 across the world.It's an exciting...
-
Engineer I
1 week ago
Hyderabad, Telangana, India TechnipFMC Full timeEngineer I (Surface) Location: Hyderabad, IN Employment type: Employee Place of work: Office Offshore/Onshore: Onshore TechnipFMC is committed to driving real change in the energy industry. Our ambition is to build a sustainable future through relentless innovation and global collaboration – and we want you to be part of it. You'll be joining a...
-
Penetration Tester
1 week ago
Hyderabad, Telangana, India NopalCyber Full timeConducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques.Application Penetration Testing (Browser-based, API, Mobile, IoT)Threat ModelingSource Code ReviewPerform penetration testing on web applications and APIs (internal and external) to...
-
Infrastructure Vulnerability Mgmt
1 week ago
Hyderabad, Telangana, India Alignity Solutions Full timeDoyou love a career where youExperienceGrow & Contributeatthe same time while earning at least 10% above the market If so weare excited to have bumped ontoyou.Learnhow we are redefiningthemeaningofworkand be a part of the team raved by Clients Jobseekers andEmployees.JobseekerVideoTestimonialsEmployeeReviewsIfyou are a Infrastructure Vulnerability...
-
Senior Manager SCM Transformation
1 week ago
Hyderabad, Telangana, India Zen Technologies Limited Full timeProven track record of SupplyChain Management in Engineering Industry with 10 to 20 yearsexperience. We are looking for professionals with experience inSupply Chain Transformation Supplier Selection Audits SupplierRatings New Vendor Development Quality Management Deliveryscheduling Supplier processes Supplier incentives in order toachieve lower costs better...
-
Senior Data Science Engineer
1 week ago
Hyderabad, Telangana, India Microsoft Full timeOverview : Are you a data enthusiast with a knack for engineering and analytics? Do you find joy in influencing product development through each stage of its lifecycle using data-driven insights? If you have a penchant for designing, measuring, understanding, and visualizing real-world user data to derive insights that drive business metrics, we are...
-
Software Engineer II
1 week ago
Hyderabad, Telangana, India Microsoft Full timeOverviewDo you want to be part of a startup culture while working for Microsoft? Do you like being close to the customer, ensuring Microsoft devices delight users? Want to work as part of a dynamic team?The Surface Post Launch Engineering team is looking for someone that can help shape the future of devices by being the face of our in-market...
-
Sr. Security Engineer
1 week ago
Hyderabad, Telangana, India Blue Yonder Full timeScope:Blue Yonder is seeking a Sr. Security Engineer (Digital Forensic and IR Analyst) in SOC Team within Enterprise Security Department.The primary responsibility is conducting forensic investigations for critical cyber incidents, collecting, and analyzing digital evidence, and assisting in the resolution of security breaches.The ideal candidate should have...
-
Software Engineer II
1 week ago
Hyderabad, Telangana, India Microsoft Full timeOverviewThe Apps and Services Platform Experiences org focuses on both the consumer and commercial experiences provided by the Surface platform of devices. The commercial team owns several Surface branded applications and services that enrich our Surface customer experiences, make it easier for customers to get the support they might need, monitor their...
-
Senior Manager SCM Transformation
1 week ago
Hyderabad, Telangana, India Zen Technologies Limited Full timeJob DescriptionProven track record of Supply Chain Management in Engineering Industry with 10 to 20 years experience. We are looking for professionals with experience in Supply Chain Transformation, Supplier Selection, Audits, Supplier Ratings, New Vendor Development, Quality Management, Delivery scheduling, Supplier processes, Supplier incentives, in order...
-
Senior Manager SCM Transformation
1 week ago
Hyderabad, Telangana, India Zen Technologies Limited Full timeJob DescriptionProven track record of Supply Chain Management in Engineering Industry with 10 to 20 years experience. We are looking for professionals with experience in Supply Chain Transformation, Supplier Selection, Audits, Supplier Ratings, New Vendor Development, Quality Management, Delivery scheduling, Supplier processes, Supplier incentives, in order...
-
Senior Manager SCM Transformation
1 week ago
Hyderabad, Telangana, India Zen Technologies Limited Full timeJob Description Proven track record of Supply Chain Management in Engineering Industry with 10 to 20 years experience. We are looking for professionals with experience in Supply Chain Transformation, Supplier Selection, Audits, Supplier Ratings, New Vendor Development, Quality Management, Delivery scheduling, Supplier processes, Supplier incentives, in order...
-
Security Operations Eng 2
1 week ago
Hyderabad, Telangana, India Microsoft Full timeOverview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to...