InfoSec Vulnerability Metrics & Data Analyst

Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com

Job Description

As an InfoSec Vulnerability Metrics & Data Analyst, you will provide data-driven insights contributing to our organization's security strategy and vulnerability management practices. You will establish and maintain regional and global reports to support the Cloud and Application Attack Surface Management scope, embrace and integrate a threat-informed approach, and perform analytical reviews to enhance Experian's Cloud and Application Attack Surface Management.

You will join our Cloud and Application Attack Surface Management team and report to the Director of Attack Surface Management.

You'll have the opportunity to:

• Guide the development of vulnerability management metrics, gathering feedback and sharing metrics with senior leaders
• Evaluate and define functional requirements for vulnerabilities, flaws, and misconfiguration metrics
• Develop, maintain, and run advanced reporting, dashboard, and scorecard results
• Communicate metrics to system owners and partners on outstanding vulnerabilities, issues, and concerns
• Develop and automate vulnerability metrics with specific procedures for data collection, analysis, and charting, partnering with necessary teams
• Determine requirements for technical solutions and tools to implement Vulnerability Metrics
• Develop vulnerability KPIs and metrics to demonstrate coverage and remediation effectiveness
• Develop program efficacy metrics to support platform stability and improvements
• Review business and internal requests for new or vulnerability management reporting, design the solution, and develop metrics
• Work with stakeholders to identify risk-based vulnerability management metrics that align with the security program and security risk management.
• Develop procedures to structure the metrics and reporting framework as part of a long-term strategy
• Produce scoping documents outlining the requirements for business requests
• Provide recommendations based on data analysis and findings related to vulnerability management processes
• Aggregate vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpret and present risk.

Qualifications

Your background:

• Bachelor's degree in Computer Science or a related field, or 5+ years of equivalent work experience in Cyber Security/Information Security and Vulnerability Management reporting
• Experience with tools such as SQL, Tableau, PowerBI, and Excel
• Experience in ServiceNow query and report development
• Experienced with collaboration tools such as ServiceNow and Confluence
• Understanding of the end-to-end security metrics process, including metrics collection, tracking, and reporting
• Understanding of Common Vulnerability Scoring System (CVSS), including calculations and implications of base, temporal, and environmental scoring factors
• Experience collecting, analyzing, and interpreting qualitative and quantitative data from several sources to detail results and analyze findings to provide threat intelligence
• Familiarity with architecture, engineering, and operations of one or more vulnerability management tools, such as Wiz, Qualys, Rapid7, and ServiceNow
• Knowledge of major cloud platforms (AWS, Azure, or GCP)
• A broad understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies

Benefits/Perks:

• Great compensation package and bonus plan
• Core benefits including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remotely, hybrid, or in-office
• Flexible time off including volunteer time off, vacation, sick, and 12-paid holidays

Additional Information

Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experian's people first approach is award-winning; Great Place To Work™ in 24 countries, FORTUNE Best Companies to work and Glassdoor Best Places to Work (globally 4.4 Stars) to name a few. Check out Experian Life on social or our Careers Site to understand why.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.