Cyber Security Vulnerability Analyst
NBCUniversal, See List Below, Multiple Locations
Innovative, fast-paced, challenging.. we're everything you want in a workplace.
Level: Manager (Supervisor)
The successful candidate will be expected to ‘think like an adversary’, pulling from their diverse background and knowledge of IT, to identify, assess, prioritize and communicate vulnerabilities and threats across the systems and applications making up the NBCUniversal IT ecosystem.
This position is a remote position; however, prefer candidate resides in the East Coast or Central time zone.
Primary responsibility will be to support Vulnerability Management Team at NBC Universal within the Operations Group. Operational responsibilities will include the following:
- Monitoring VM mailbox for customer requests
- Using ServiceNow Ticketing tool to create tickets for all customer requests and track work in this tool
- Configuring VM scans based on customer requirements and VM procedures
- Providing scan reports
- Configuring and executing validation scans
- Research vulnerabilities in software, firmware, and devices, and modern exploits and exploitation techniques in the following areas: Microsoft platform (Server, workstation, applications), Open Systems platforms (Linux, UNIX, VM Ware ESX), Java, Adobe, Web Application, Java web app virtualization platforms (e.g. WebSphere), Networking, Databases (Oracle, SQL Server, DB2, IMS), and others.
- Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood, and impact
- Assists in designing correction plans, mitigations, and full remediation actions
- Understand and communicate attack chains to management and other stakeholders
- Collaborate with infrastructure and application owners on security hot-fixes or patch management validation
- Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company
- Support the cyber incident response team in specified vulnerability discovery and identification tasks during crisis management.
- Coordinate with stakeholders to develop requirements for service enhancements
• 1-2+ years operational experience with the Qualys Vulnerability Scanning Application
• 3-5+ years of experience in either vulnerability management or related information security field
• Experience in threat and vulnerability management, security operations
• Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
• Advanced experience with vulnerability scanning tools (Qualys preferred) and other vulnerability management tools
• Demonstrate knowledge of networking concepts and devices (Firewalls, Routers, Switches, and Load Balancers)
• Demonstrate an understanding of network and web-related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
• Experience developing and improving KPIs, metrics, and trending for vulnerability management functions
• Understanding of how applications, networking, operating systems, and databases work
• Intellectual capability and curiosity to learn complex processes.
• Highly collaborative; personally, and professionally self-aware; able to and interested in interacting with employees at all levels; embody integrity, and represent and inspire the highest ethical standards.
• Strong sense of urgency and commitment, as well as sound business sense with a strategic, conceptual, and operational orientation
• Experience advising on technical related issues
• Passion for and interest in the media and entertainment industry highly desired
• Flexible, organized, and passionate about advanced cyber security
• Great interpersonal skills and love for a team environment
NBCUniversal owns and operates over 20 different businesses across 30 countries including a valuable portfolio of news and entertainment television networks, a premier motion picture company, significant television production operations, a leading television stations group, world-renowned theme parks and a premium ad-supported streaming service.
Here you can be your authentic self. As a company uniquely positioned to educate, entertain and empower through our platforms, Comcast NBCUniversal stands for including everyone. We strive to foster a diverse and inclusive culture where our employees feel supported, embraced and heard. We believe that our workforce should represent the communities we live in, so that together, we can continue to create and deliver content that reflects the current and ever-changing face of the world. Click here to learn more about Comcast NBCUniversal’s commitment and how we are making an impact.
NBCUniversal’s policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.
At NBCUniversal, we believe in the talent of our people. It’s our passion and commitment to excellence that drives NBCU’s vast portfolio of brands to succeed. From broadcast and cable networks, news and sports platforms, to film, world-renowned theme parks and a diverse suite of digital properties, we take pride in all that we do and all that we represent. It’s what makes us uniquely NBCU.
Here you can create the extraordinary. Join us.
Be a Better NBCUniversal Candidate
Learn skills and get an insider's look at NBCUniversal when you watch classes taught by their top employees.
Want to learn more about NBCUniversal? Visit NBCUniversal's website.
Slack's cloud-based collaboration tools and services are used worldwide.