Senior Security Vulnerability Analyst
4 tygodni temu
Job Description:
All software and systems contain defects or vulnerabilities in them. This role is concerned with the management of vulnerabilities that are known about, so to ensure an effective remediation strategy is in place to avoid them being exploited by threat actors.
The Senior Security Vulnerability Analyst role in Sportradar's Attack Surface Management team is to be responsible for identifying, assessing the risk they pose and prioritising vulnerabilities for remediation in conjunction with the system owners, employing a risk-based approach. Thereafter actively reporting on their status and managing them to resolution thus reducing the overall risk to the business.
As a Security Subject Matter Expert (SME), Senior Security Vulnerability Analysts are required
to be technically equipped to understand the different types of vulnerabilities, assessing and
prioritise them based upon their exploitabilitiy, severity and other relevant factors including
exposure and business criticality.
They will also be good communicators and work collaboratively with the system owners and
other members of the Security group so that the risk posture can be easily understood with
vulnerabilities being remediated effectively and in a timely manner.
The Senior Security Vulnerability Analyst is a key member of the Attack Surface Management
Team and reports into the Senior Manager of the Product Security unit which is part of the wider Sportradar Security group).
He / She will be a team-player and always seek to learn, improve processes as well as helping collegues in the wider team.
Accountabilities and Activities:
- Monitoring a variety of tools and systems for the identification of vulnerabilities of various types.
- Triage findings for true and false positives based on a variety of factors.
- Assess the risk of the vulnerability in the context of the system architecture, its data, business criticality, and the availability of exploits for that vulnerability.
- Communicating the results of the analysis effectively to key stakeholders in order to create a realistic remediation plan.
- Creating metrics and KPI reports to ensure that findings are being addressed in a timely manner and overall risk to the business is reduced.
- Becoming a Subject Matter Expert on the various tooling to ensure that it is returning optimal results.
- Assisting investigations into security incidents, and acting as subject matter expert for the vulnerability management domain.
- Identifying opportunities to improve effective vulnerability management across Sportradar.
- Contribute to the development and implementation of security policies related to vulnerability management, ensuring application security principles are applied during design and into business as usual processes to reduce risk, drive adoption and adherence to policies, standards and guidelines by the wider business.
- Maintaining and developing documentation for internal processes, security procedures, and remediation guidelines, and ensuring adherence to them.
- Clearly articulating security issues to Sportradar internal teams, both verbally and in written format as well as presenting information to management stakeholders to both technical and non-technical audiences.
- Troubleshooting and helping to resolve security issues for Sportradar teams.
- Acting as subject matter expert and primary point of contact for security questions from Sportradar internal teams.
- Maintaining relationships with strategic third-party Information Security suppliers, partners and industry forums.
- Generating bespoke reporting from the Sportradar monitoring solution in line with business requirements, ongoing investigations, or senior stakeholder requests.
- Provide advice and guidance on procedural and technical security controls.
- Provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge.
- Work with the technical and solution architects to provide domain/specialist security expertise to IT projects in line with security strategy; contributing to and reviewing project documentation as necessary.
Required Experience:
- 5+ years experience working in an enterprise security environment, preferably in a technical security role.
- Knowledge of common operating system & cloud computing platforms, software development frameworks, network protocols, and security architecture.
- Knowledge of industry standard vulnerability management tools usage and implementation.
- Knowledge of current vulnerabilities and attacks.
- Excellent oral and written communication skills for both technical and non-technical audiences.
Desired Experience:
- Experience working in as a penetration tester or bug-bounty hunter.
- Experience in one or more high-level programming or scripting language.
- Hands-on experience with a variety of scanning tools at different stages of the SDLC.
- A track record of technical delivery working within a fast paced and pressured environment.
Qualifications, Education and Certifications:
- Bachelor’s or Master’s Degree in Computer Science, Information Technology, Information Security or similar, or equivalent industry experience.
- Industry certifications (or currently working towards them) such as:
- Security certs e.g. CISSP, CISM, CEH, OSCP, SANS etc
- Vendor certs e.g. AWS, Microsoft, Google, etc
- Other relevant certifications.
Additional Information
Sportradar is an Equal Opportunity Employer. We are committed to encourage diversity within our teams. All qualified applicants will receive consideration without regard to among other things, your background, status, or personal preferences
-
Vulnerability Assessment Analyst
4 tygodni temu
Warsaw, Polska Aion Bank Pełny etatWe are currently looking for a Vulnerability Assessment Analyst ready to join our adventure and share our ambition. What you will be doing? You will be analysing, and investigating security issues based on the analysis of vulnerability and configuration data from various sources and create reports to present the status of...
-
Vulnerability Assessment Analyst
1 miesiąc temu
Warsaw, Polska Aion Bank Pełny etatWe are currently looking for a Vulnerability Assessment Analyst ready to join our adventure and share our ambition. What you will be doing? You will be analysing, and investigating security issues based on the analysis of vulnerability and configuration data from various sources and create reports to present the status of...
-
Vulnerability Management Reporting Analyst @ ITDS
1 dzień temu
Warsaw, Polska ITDS Pełny etatJoin us, and make an impact through strategic business insights! Join us, and transform cybersecurity insights into action! Krakow-based opportunity with the possibility to work 100% remotely! As a Vulnerability Management Reporting Analyst , you will be working for our Client, a leading financial institution focused on enhancing cybersecurity reporting...
-
Senior Vulnerability Management Analyst
2 miesięcy temu
Warsaw, Polska IQVIA Pełny etatLocation: Portugal, Poland, Brazil Work model: Hybrid (1-2 days per week in the office) This is one of a key cybersecurity role within the global Information Security organization. The individual fulfilling this Information Security Manager role in Vulnerability Management team will partner closely with IT professionals both within the core Global...
-
Senior Vulnerability Management Analyst
2 dni temu
Warsaw, Polska IQVIA Pełny etatLocation: Portugal, Poland, Brazil Work model: Hybrid (1-2 days per week in the office) This is one of a key cybersecurity role within the global Information Security organization. The individual fulfilling this Information Security Manager role in Vulnerability Management team will partner closely with IT professionals both within the core Global...
-
Senior Security Engineer @
2 tygodni temu
Warsaw, Polska Appfire Pełny etatJob Description Appfire is seeking a highly skilled Senior Security Engineer to join our Appfire Information Security team. This Senior Security Engineer role will report to our CISO and work within our Security Engineering & Architecture team to handle diverse security engineering and architecture related tasks for our rapidly growing company, including...
-
Senior Security Engineer
7 dni temu
Warsaw, Polska Appfire Technologies, LLC Pełny etattechnologies-expected : Python Linux SQL about-project : Appfire is seeking a highly skilled Senior Security Engineer to join our Appfire Information Security team. This Senior Security Engineer role will report to our CISO and work within our Security Engineering & Architecture team to handle diverse security engineering and architecture related tasks for...
-
Senior Security Engineer @ Appfire
4 tygodni temu
Warsaw, Polska Appfire Pełny etatJob Description Appfire is seeking a highly skilled Senior Security Engineer to join our Appfire Information Security team. This Senior Security Engineer role will report to our CISO and work within our Security Engineering & Architecture team to handle diverse security engineering and architecture related tasks for our rapidly growing company, including...
-
Security Analyst @
2 tygodni temu
Warsaw, Polska Devire Sp. z o.o. Pełny etatDevire IT Outsourcing is a form of cooperation dedicated to IT professionals, based on the principles of own business - B2B, implementing projects for clients running innovative and modern projects.Our client is a global leader in the construction industry with a recognizable brand and high standards of business. It is a company that pays attention to...
-
Senior Security Compliance Analyst
4 tygodni temu
Warsaw, Polska Snowflake Pełny etatBuild the future of data. Join the Snowflake team.Snowflake is seeking a Senior Security Compliance Analyst to join our Global Security Compliance & Risk team and help drive compliance across Product Engineering and Corporate Engineering. The Sr. Security Compliance Analyst will be a critical and high-impact individual contributor who would perform...
-
Senior Security Compliance Analyst
4 tygodni temu
Warsaw, Polska Snowflake Pełny etatBuild the future of data. Join the Snowflake team.Snowflake is seeking a Senior Security Compliance Analyst to join our Global Security Compliance & Risk team and help drive compliance across Product Engineering and Corporate Engineering. The Sr. Security Compliance Analyst will be a critical and high-impact individual contributor who would perform...
-
Senior Security Compliance Analyst
1 miesiąc temu
Warsaw, Polska Snowflake Pełny etatBuild the future of data. Join the Snowflake team. Snowflake is seeking a Senior Security Compliance Analyst to join our Global Security Compliance & Risk team and help drive compliance across Product Engineering and Corporate Engineering. The Sr. Security Compliance Analyst will be a critical and high-impact individual contributor who would perform...
-
Senior Security Compliance Analyst
4 tygodni temu
Warsaw, Polska Snowflake Pełny etatBuild the future of data. Join the Snowflake team. Snowflake is seeking a Senior Security Compliance Analyst to join our Global Security Compliance & Risk team and help drive compliance across Product Engineering and Corporate Engineering. The Sr. Security Compliance Analyst will be a critical and high-impact individual contributor who would perform...
-
Senior Information Security Metrics Analyst
2 miesięcy temu
Warsaw, Polska IQVIA Pełny etatLocation: Portugal or Poland This is a key role within the Global Information Security organization. The individual fulfilling this role will be a member of the Information Security Governance Risk and Compliance Program Delivery and Improvement team, tracking the delivery of all CISO programs and BAU activities through metrics and continuously looking...
-
Senior Information Security Metrics Analyst
4 tygodni temu
Warsaw, Polska IQVIA Pełny etatLocation: Portugal or Poland This is a key role within the Global Information Security organization. The individual fulfilling this role will be a member of the Information Security Governance Risk and Compliance Program Delivery and Improvement team, tracking the delivery of all CISO programs and BAU activities through metrics and continuously looking...
-
Global Senior Cloud Security Engineer
2 tygodni temu
Warsaw, Polska Intrum Pełny etatAt Intrum, you will grow by making a difference. You will do it in a highly international environment and in a supportive culture where effort counts.Are you our new Global Senior Cloud Security Engineer? Location: Flexible, among our offices ().As part of our Global Cyber Security team we are looking for a Senior Cloud Security Engineer with a strong...
-
Network Security Engineer
1 miesiąc temu
Warsaw, Polska Michael Page Pełny etatProvide technical engineering security expertise for company-wide projects, implementing security standards and baselines, and researching advancements in all security technologies that would benefit secure business growth.Lead penetration testing requirements, findings, and mitigations.Lead vulnerability management program working closely with the patching...
-
Network Security Engineer
4 tygodni temu
Warsaw, Polska Michael Page Pełny etatProvide technical engineering security expertise for company-wide projects, implementing security standards and baselines, and researching advancements in all security technologies that would benefit secure business growth.Lead penetration testing requirements, findings, and mitigations.Lead vulnerability management program working closely with the patching...
-
Network Security Analyst
1 miesiąc temu
Warsaw, Polska Stryker Pełny etatWhy join Stryker?We are proud to be named one the World’s Best Workplaces and a Best Workplace for Diversity by Fortune Magazine! Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards...
-
Network Security Analyst
4 tygodni temu
Warsaw, Polska Stryker Pełny etatWhy join Stryker?We are proud to be named one the World’s Best Workplaces and a Best Workplace for Diversity by Fortune Magazine! Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards...
