Senior Security Analyst [Threat and Vulnerability Management]-190016W0
Preferred Qualifications

As part of Oracle+NetSuite’s Security Team, the Senior Vulnerability Management professional is a key player in identifying, analyzing, reporting and driving remediation of security vulnerabilities across several NetSuite product lines.

Responsibilities

• Manage and continuously improve a global vulnerability assessment program, which includes identification, analysis, response, negotiation and reporting/presentation of cyber threat and vulnerabilities

• Provide the project team and key stakeholders with regular updates on the progress, key blockers, dependencies, ownership, target dates

• Partner with remediation team to ensure remediation of identified vulnerabilities occurs within noted timeframes and in adherence with corporate security policies

• Facilitate resolution of issues and roadblocks, escalate repetitive project delays in a timely, strategic manner utilizing project management techniques and methods

• Research and evaluate threats and vulnerabilities to assist in prioritization of remediation actions

• Work with other vulnerability management team and security team members to ensure alignment across projects and processes and seek for their guidance if necessary

• Develop and report on vulnerability metrics and KPIs on a regular basis

• Partner with stakeholders to streamline, standardize and mature vulnerability management program and tooling

• Develop templates, procedures, and guidelines for vulnerability management

Qualifications

• 5+ years of relevant work experience in information security or security assurance/compliance
• Thorough understanding of project/program management techniques and methods
• Strong knowledge of technology and security topics including network security, application security, infrastructure hardening and security baselines, web server, and database security
• Strong knowledge of industry standards regarding vulnerability management
• Knowledge of industry and regulatory requirements (i.e., PCI, ISO, etc.)
• Demonstrated ability to develop and deliver concise and effective communication
• Excellent problem-solving, and decision-making skills
• Highly self-motivated and directed
• Familiarity with tools like Qualys, Elasticsearch, Jira, Confluence
• Recognized industry certification and/or continuing education programs are a major plus including CISSP, Security+

Detailed Description and Job Requirements

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company*s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Job duties are varied and complex; independent judgment needed. May have project lead role. Prefer 5 years relevant experience and BA/BS degree.
As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process. This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable).