Attack Surface management

Job Description

The VOC VI & ASM Analyst will be part of a team responsible for monitoring and identifying vulnerabilities as well as proactively assessing their threat . The team also provides

comprehensive feedback and guidance on detected vulnerabilities to assist Security Officers and Application Manager on the remediation part.

This role takes a holistic approach to identifying newly published vulnerabilities and contextualizing them to company environment as well as tracking potential external entry points to systems and data.

The VOC VI & ASM Analyst is responsible for:

Vulnerability Intelligence (VI):

o Monitor new vulnerabilities and assess their criticality and risk severity based on threat, exploit

availability, ease of exploit, impact,

o Communicate and publish an assessment on vulnerabilities related to software

o Maintain timely, high-quality vulnerability bulletins, prioritizing issues against the Groups asset

exposure

o Update on a regular basis our software inventory in the scope of Vulnerability Assessment

Service

o Keep the vulnerability database up to date; enrich each CVE and security bulletin with QDS,

EPSS, CVSS metrics,

Attack Surface Management (ASM):

o Operate continuous monitoring of external assets via ASM Security tools

o Update on a regular basis the coverage of ASM tools, by adding known domains and IP ranges

o Assess the severity of the findings and confirm their presence (review, challenge, FP assessment,

o Track and report exposure trends; escalate high-risk findings to Blue-Team remediation owners

o Build and use the external footprint to proactively identify new threats and new vulnerabilities

o Leverage ASM tools to proactively identify external assets subject to newly published

vulnerabilities

BlackBox Pentesting:

o Drive proactive follow-up on detected vulnerabilities, engaging system owners and tracking

remediation to closure

o Active follow up with Application managers to onboard new application in the BlackBox

Pentesting service

Vulnerability Management:

o Vulnerability review, recategorization, and false positive identification

o Proactive vulnerability testing and replay

o Pre-analyze and consolidate vulnerability data from various scanning tools

o Prepare concise syntheses of available vulnerabilities

o Offer guidance to the SO and CISO on vulnerabilities

o Collaborate with key stakeholders to develop strategies for vulnerability management

Scripting and automation:

o Automate data extraction and data push from VI and ASM tools to DataLake tools

o Build automation workflows to streamline vulnerability identification, assessment, and reporting

o Collaborate with the offensive and defensive teams to enhance vulnerability assessment and

testing

Bachelor degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plus

Proven experience (6+ years) working within the Cybersecurity field, with emphasis on security platform implementation & administration

Experience on Penetration testing actions (web application, infrastructure, )

Experience with security scanning tools

Experience with VI and ASM tools

Experience in investigating newly published vulnerabilities and assessing their risks and severity

Experience with scripting languages (e.g., Python, Bash, Powershell, C#, ) for automation and customization of security processes is a plus

Experience with Pentester tools (Burp, SQLmap, Metasploit, Kali environment, )

Strong technical skills with an interest in open-source intelligence investigations

Knowledge of NIST CVE database, OWASP Top 10, Microsoft security bulletins

Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders.

Personal Skills

Has a systematic, disciplined, and analytical approach to problem solving with Thorough leadership skills &

experience

Excellent ability to think critically under pressure

Strong communication skills to convey technical concepts clearly to both technical and non-technical

stakeholders

Willingness to stay updated with evolving cyber threats, technologies, and industry trends

Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust

security measures

---