Vulnerability Management Analyst London, England
Job description
Responsibilities
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo.
Why Join Us
At TikTok, our people are humble, intelligent, compassionate and creative. We create to inspire - for you, for us, and for more than 1 billion users on our platform. We lead with curiosity and aim for the highest, never shying away from taking calculated risks and embracing ambiguity as it comes. Here, the opportunities are limitless for those who dare to pursue bold ideas that exist just beyond the boundary of possibility. Join us and make impact happen with a career at TikTok.
The Global Security Organization provides industry-leading cyber-security and business protection services to TikTok globally. Our organization employs four principles that guide our strategic and tactical operations. Firstly, we Champion Transparency & Trust by leading the charge in organizational transparency, prioritizing customer trust, and placing user needs first. Secondly, we aim to maintain Best in Class Global Security by proactively identifying and reducing risks while enabling innovative product development. We constantly work towards a sustainable world-class security capability. Thirdly, we strive to be a Business Catalyst & Enabler by embodying the DNA of technical innovation and ensuring our Global Security operations are fast and agile. Finally, we Drive Empowered & Risk-Informed Decision Making by providing our leaders with the necessary information to make agile decisions based on risk. In order to enhance collaboration and cross-functional partnerships, our organization follows a hybrid work schedule that requires employees to work in the office for 2 to 3 days a week, as directed by their manager. We regularly review our hybrid work model, and the specific requirements may change at any time.
The Vulnerability Management Junior Analyst is responsible for assisting the senior analyst in day to day activities. They will regularly be called on to log and track discovered vulnerabilities, perform continuous monitoring, manage the lifecycle of discovered vulnerabilities, provide reports, and other tasks as the business needs require. Analysts should have a basic understanding of vulnerability management tools and reports. They are expected to stay up-to-date with current advancements in cybersecurity developments and technologies.
Responsibilities:
- Support the development and maintenance of vulnerability management services, including vulnerability scanning, vulnerability assessments, and tracking support for vulnerability remediation
- Log and track discovered vulnerabilities
- Prioritize remediation tasks based on risk level, assign them to the relevant system owner, and monitor progress until completion
- Apply root cause analysis to identify and assess problems and key drivers of success. Draw potential conclusions from complex data sets
- Generate ad hoc metrics and reports as requested, providing insight into the vulnerability management program's effectiveness.
- Stay aware of current business and industry trends relevant to the business and cybersecurity
- Conduct vulnerability scans as directed by management
- Coordinate with customers regarding scanning schedule and scope review
- Develop and document processes and procedures for team members to use and to enhance efficiencies
Minimum Qualifications:
- Bachelor’s Degree or industry equivalent work experience in vulnerability management in a security program
- Basic understanding of vulnerability management processes and lifecycle
- Ability to work collaboratively in a team environment
- Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions
- Strong analytical and problem-solving skills
- A strong work ethic
- Ability to examine issues both strategically and analytically
- Ability to work on multiple, simultaneous initiatives
- Experience with data visualization and reporting (MS Excel, MS Powerpoint)
- Detail oriented, organized, follow up skills with an analytical thought process
- Security+, GSEC, or equivalent certification
- Familiarity with vulnerability management tools (e.g. Qualys, Nexpose, etc.)
- Familiarity with using one or more programming/scripting languages (e.g., Python, Java, etc.)
- Foundational knowledge of data analytics and visualization tools (Splunk, Tableau, etc.)
- Willingness and eagerness to learn outside of one's comfort zone
