Senior Vulnerability Management AnalystApply
Become a Part of the NIKE, Inc. Team
NIKE, Inc. does more than outfit the world's best athletes. It is a place to explore potential, obliterate boundaries and push out the edges of what can be. The company looks for people who can grow, think, dream and create. Its culture thrives by embracing diversity and rewarding imagination. The brand seeks achievers, leaders and visionaries. At Nike, it’s about each person bringing skills and passion to a challenging and constantly evolving game.
Nike, Inc. Technology is responsible for making the world’s largest sport brand run faster, smarter and more securely. From infrastructure to security and supply chain operations, Technology specialists drive growth through top-flight hardware, software and enterprise applications. Global Technology aggressively innovates solutions to drive growth while creating and implementing tools that help make everything else in the company possible.Description
Nike Tech focus on providing Lean solutions that eliminate waste, enhance consumer value, and strengthen profitable business growth. Nike provides a unique global environment and diverse business; retail, marketing, manufacturing, and supply chain logistics. Attack Surface Management (ASM) is a key capability in our Information Security function.
We are a diverse and cross functional team that collaborates with a variety of technical stakeholders from application developers to infrastructure operations teams. The Attack Surface Management team proactively assesses Nike’s networks & infrastructure, applications and mobile experiences looking for gaps in Information Security best practices. We develop a variety of security tools and develop automation & integrations to further scale our technical solutions. Here at Nike, we win as a team and are looking for team members with a passion for information security to join our unique culture & environment.
The Sr Vulnerability Management Analyst is part of the CIS Security Operations Attack Surface Management Team (ASM), that participates in the attack surface reduction of global computing assets through the identification, and assessment of vulnerabilities. This role is responsible for performing thorough data analysis and identify prioritized remediation action to be ingested by various stakeholders across Nike Inc
- Review vulnerabilities’ data across diverse technologies and rapid changing environments including infrastructure and web applications to determine risk rating of vulnerabilities to business assets.
- Improve and automate upon existing vulnerability management lifecycle. Included but not limited, data ingestion & normalization, compliance metrics and detections on ephemeral assets.
- Work with business stakeholders to ensure remediation efforts adhere to corporate standards and policies.
- Provides analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving road blocks.
- Perform reoccurring and on demand scanning activities of both corporate and cloud environments utilizing enterprise platform.
- Interface with other CIS organizations such as Governance, Risk and Threat Intelligence to report on program status and coordinate risk tracking.
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline.
- 4+ years of IT professional related experiences.
- One or more security related certificates
- Understanding of a variety of technical concepts with focus on cloud computing, automation, networking, systems administration, application development, and information security best practices.
- Experience with data metrics & normalization with the ability to provide qualitative & quantitative analysis and recommendations.
- Excellent verbal and written communication skills.
- Excellent organizational and/or project management skills.
- Ability to develop meaningful working relationships with a variety of other enabling teams.
- Excellent attention to detail, data accuracy, and data analysis.
- Self-motivated and operates with a high sense of urgency and a high level of integrity.
- Professional experience in Information Security.
- Vulnerability & Secure Code solutions such as Tenable Nessus, Rapid7 Nexpose, Qualys, WhiteHat, HP Fortify, Veracode, AppSpider.
- Intermediate to Proficient in scripting languages, preferably Python.
- Previous experience working in large scale environments with diverse technologies including Cloud technologies.
Demonstrated technical experience with:
- Network equipment and overall Tech infrastructure knowledge
- Diverse Cloud Computing (AWS & Azure)
- Automation and understanding of Pseudocode via Python or/and other preferred languages.
- Network Switching and Routing (Cisco, Juniper), Familiarity of TCP/IP and associated protocols.
- Understanding of Several Operating systems such as Windows Linux/UNIX Servers (Solaris, Red Hat Enterprise, Oracle Linux).
NIKE, Inc. is a growth company that looks for team members to grow with it. Nike offers a generous total rewards package, casual work environment, a diverse and inclusive culture, and an electric atmosphere for professional development. No matter the location, or the role, every Nike employee shares one galvanizing mission: To bring inspiration and innovation to every athlete* in the world.
NIKE, Inc. is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, or disability.
Job ID 00430901