Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Vulnerability Analyst

Ingram Micro

Ingram Micro

Vulnerability Analyst

Irvine, CA
Full Time
Paid
Similar Jobs
  • Responsibilities

    DESCRIPTION

    Ingram Micro is an integral part of the technology ecosystems, helping our partners grow and thrive through the creation and delivery of Information Technology, Cloud solutions and Lifecycle services. With more than $54 billion in revenue and the ability to reach 90% of the global population, we are one of the world’s largest technology distributors, serving our partners through operations in 61 countries with 29,000 associates.

    This position has the opportunity for hybrid work with up to three days remote per week.

    We are looking for a highly skilled Vulnerability Analyst to add to our offensive security team that will be responsible vulnerability scanning our company’s websites and assets, including IOT devices in our warehouses and logistics centers. The analyst in this role is expected to provide technical expertise, coordinate with leadership, and assist the monitoring and response function.

    The Vulnerability Analyst will be responsible for assisting program maturity efforts and initiatives in Vulnerability Management and Application Security functions within the Infosec Operations department. This includes but is not limited to: driving improvements with vulnerability scanning automation; validation of vulnerability findings; asset/network discovery; regulatory scanning requirements; driving next generation security operations approaches/tools and producing automated dashboards to measure the effectiveness of the program.

    This position is based in Irvine, California with the possibility of being hybrid (partial in office and partial work from home) during normal business hours (8am to 5pm) to meet the needs of the client (other IT staff you support). You may be required to work outside normal business hours at times to satisfy different time zones and offshore teams as well as during emergency security incidents.

    YOUR ROLE:

    • As a Security Vulnerability analyst your role will be to support the Information Security Team and its initiatives.

    • Responsibilities include supporting the capabilities of our vulnerability management service including vulnerability scans, penetration tests, security assessments, application security testing, code scanning, and configuration management.

    • Perform vulnerability assessment coverage across the global organization.

    • Review all applicable threats, discover vulnerabilities, and collaborate with remediation treatment owners to remediate identified vulnerabilities.

    • Prepare vulnerability data and develop comprehensive, accurate reports and presentations for both technical and executive audiences.

    • Ensure knowledge creation around common vulnerabilities within the landscape and corresponding remediation practices.

    • Research the latest security best practices and technologies, staying abreast of new threats and vulnerabilities and helping disseminate this information within the groups at the company.

    • Utilize vulnerability scanning tools, penetration testing tools, custom scripts, exploits, related automation, and innovation.

    • Build processes that speed up the discovery and resolution of findings.

    • Work closely with developers and architects on identifying security issues early in the development cycle.

    WHAT YOU BRING TO THE ROLE:

    • Bachelor's degree from an accredited University. Equivalent combination of education and experience considered.

    • A year or more working in a "work from home" / remote capacity if working remote.

    • 3+ years of vulnerability management, red teaming, or similar experience.

    • Preferred 3+ years of strong hands-on experience in application and network vulnerability assessment, risk management, and providing remediation recommendations.

    • Basic Knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.

    • Experience with cloud service providers and their offerings.

    • Strong understanding of vulnerabilities, common attack vectors and has attacker mindset: ability to think about creative threats and attack vectors.

    • Experience using vulnerability scanning software such as Nessus, teanable.io, tenable.sc, or similar.

    • Knowledge of ITIL/ITSM/ITAM and change management processes within ServiceNow. Experience with ServiceNow's Vulnerability Response Module is a plus.

    • Strong technical understanding of CVSS, OWASP Top 10, SANS top 25, and Vulnerability Exploitability ratings.

    • Knowledge of programming and the ability to automate tasks in at least one language, including but not limited to Ruby, Python, Powershell, or BASH.

    • Familiar with Metasploit, Burp Suite, Nmap, and security assessment focused Linux distributions, such as Kali.

    • Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness.

    • Preferred Certifications: SANS, CEH, OSCP, OSCE, OSWE, GWAPT, GPEN, GXPN, or equivalent certification, work experience, or skills.

    • Provide three current work references & pass a criminal background check.

    • Pass a proficiency exam related to the role.

    This is not a complete listing of the job duties. It is a representation of the things you will be doing, and you may not perform all these duties.

    Please be prepared to pass a drug test and successfully pass a pre-employment (post offer) background check that includes verification of vaccination status.

    Ingram Micro requires all new associates to be fully vaccinated against COVID-19. Therefore, this position requires applicants to submit proof, prior to start date, that the successful applicant is fully vaccinated against COVID-19. Ingram Micro will comply with applicable laws regarding the reasonable accommodation of individuals with disabilities and/or sincerely held religious beliefs. Applicants will be notified of the requirements of Ingram Micro’s COVID-19 policy and process for verification of vaccination status prior to the start of employment.

    Ingram Micro believes there is no place in our society for social injustice, discrimination, or racism. As a company we do not – and will not – tolerate these actions.

    Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.

  • Industry
    Information Technology and Services
  • About Us

    It’s no surprise that technology powers the planet. And what might surprise you is that Ingram Micro has the ability to reach more than 90% of the global population.

    By joining us, you make Ingram Micro’s contribution a reality: helping businesses grow, supporting industries from healthcare to education with their technology, or even connecting the world.

    What’s in it for you? Well, we take great care of our people, everyone is made to feel welcome, and opportunities to grow apply to all. But the prospect of shaping the future through technology is something you’re unlikely to find anywhere else.

    Let’s shape tomorrow.