Threat & Vulnerability Analyst-2

Regeneron is founded on the belief that the right idea, combined with the right team, can lead to significant transformations. Our growing global network is dedicated to inventing, developing, and commercializing medicines that change lives for those with serious diseases. In doing so, we are pioneering innovative approaches to science, manufacturing, and commercialization, as well as redefining our understanding of health.
TVM Analysts focus on cybersecurity vulnerability identification, facilitate priority-based patching, and validate remediation efficiency. Operational requirements include leveraging TVM and information technology service management (ITSM) platforms to provide transparency, quantification, and accountability for remediation efficacy. This includes the utilization of reporting, executive summaries, and real-time dashboards. Additional responsibilities include chipping in to cybersecurity’s strategic maturity roadmaps, collection and analysis of cyber vulnerability intelligence, IT, and business unit partnership.
**A typical day might include the following**:
Conduct vulnerability assessments of scans of servers, websites, workstations, serverless technology, network devices, cloud infrastructure, and other assets using various vulnerability management platforms and tools.
Analyze enterprise cybersecurity policies and configurations to evaluate compliance with regulations and enterprise policies and standards.
Assist with selection of industry best of breed cybersecurity controls to mitigate risk
Collection, reporting, and metrics generation for multiple cyber TVM datasets. This includes patching efficiency, identifying system misconfigurations, and security hygiene assessments.
Support the process of Security Compliance assessments of systems and multi-tenant cloud services, using industry standard processes, to include, Center for Internet Security (CIS) hardening guidelines
Analysis and monitoring of cybersecurity feeds, cyber threat intelligence, and open-source intelligence on trending vulnerabilities and exploits.
Partner with IT service providers to operate, maintain, and enhance TVM platforms. This includes native Operating System, cloud security, and data aggregation platforms
Collaborate and partner with cross-departmental peers (technical and non-technical) to report, synthesize, and prioritize vulnerabilities and threats based on contextual assets and relationship data.
Leverage industry and compute environment data to assess current and alternative technical solutions and processes for continuous enhancement and issue resolution.
Supports and enables Regeneron’s, global (US (United States), EU (European Union), APAC) Science to Medicine business objectives through enriching the cybersecurity defense posture.
Support Regeneron's TVM capability to identify, assign, and validate remediation of compute environment vulnerabilities. This encompasses Regeneron’s on-prem, hybrid, and multi-tenant cloud environments.
**This job might be for you if you**:
Possess a Bachelor’s Degree and 2+ years of relevant experience into Threat and Vulnerability
Knowledge, proven track record, and skills in vulnerability assessment, prioritization, assignment, validation, and tracking.
Experience and working knowledge of vulnerability management tools such as Nmap, Qualys, Tenable, Nessus, Microsoft Defender, Wiz, Rapid7, AWS Inspector, Orca.
Familiarity with OWASP (Open Web Application Security Project) Top 10, CIS Security Controls, MITRE ATT&CK Framework
Solid understanding of multi-tenant cloud environments (AWS, Azure, GCP), vulnerability mitigation techniques, and system hardening.
Proven threat and vulnerability assessment skills or knowledge gained through experience or academia.
Organized, reliable, detail oriented.
Proven or conceptual abilities to navigate levels through thought equity.
Experience gained through a sophisticated organization and managed security providers and vendors.
Excellent problem-solving skills and attention to detail.
Demonstrable experience in customer service, communication, and relationship building.
Ability to work independently and as part of a team.
CISSP, CEH, Security+, Network+ or equivalent are preferred.
Connect with us, so we can learn more about you, and you can learn more about our medicines. And join us in crafting the future of healthcare.
Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion or belief (or lack thereof), sex, nationality, national or ethnic origin, civil status, age, citizenship status, membership of the Traveler community, sexual orientation, disability, genetic information, familial status, marital or registered civil partnership status, pregnancy or parental status, gender identity, gender reassignment, military or veteran status, or any other protected characteristic in accordance with applicable laws and regulations. The Company wil