InfoSec Senior Associate - Vulnerability Management

Who are we?Equinix is the world's digital infrastructure company®, shortening the path to connectivity to enable the innovations that enrich our work, life and planet.A place where tech thinkers and future builders turn bold ideas into breakthrough experiences, we welcome your unique perspective.Help us challenge assumptions, uncover bias, and remove barriers-because progress starts with fresh ideas. You'll find belonging, purpose, and a team that welcomes you-because when you feel valued, you're empowered to do your best work.Job SummaryThe Threat and Vulnerability Management (TVM) Analyst promotes security by identification, assessment, and reporting of security vulnerabilities pertaining to corporate assets to reduce risk of exploitation via prioritized remediation and achievement of service-level agreements (SLAs). These processes involve vulnerability scanning, risk analysis, patch management, and coordinating remediation with multiple internal teams, often across cloud, container, and application environments. Common vulnerability scanner operation, understanding cloud security (e.g., AWS, Azure, GCP, etc.), understanding common software development and software security practices, and ability to navigate compliance frameworks are important skills and knowledge for this role. The TVM Analyst evaluates internal and external vulnerability scanning results, addresses false positives, and produces and disseminates related reporting to TVM stakeholders. Current knowledge of industry standards and best practices in vulnerability management assists the TVM Analyst in contributing to continued improvement of the TVM program. Additionally, this individual works with internal team members to ensure that systems remain functional, secure, and are managed in an efficient and scalable manner. ResponsibilitiesConfiguring and executing scheduled and ad hoc network- and host-based scans using enterprise-grade tooling to identify vulnerabilities within multiple environmentsDeveloping and enhance scanning strategies to ensure comprehensive scanning coverage across the entire companyAnalyzing vulnerability data to identify trends, patterns, and potential impacts and reporting findings to relevant stakeholdersPartnering with enterprise-wide stakeholders to understand environmental, compliance, and other factors that may influence prioritization of remediation of vulnerabilitiesNotifying system owners and other vulnerability stakeholders on a periodic basis and assisting in achievement of remediation within established SLAs by asserting formal processesCreating, maintaining, and presenting weekly and monthly metrics to stakeholder, management, and executive management audiencesMaintaining and validating Operating System Baseline Configuration standards that are mapped to standards such as the Center for Internet Security (CIS) Critical Security ControlsCommunicating risks and recommending security controls to stakeholders at all levelsAssessing exposure to zero-day and other significant vulnerabilities to ensure timely response to threats and risksQualificationsExperience working with a vulnerability scanning platforms (e.g., Nexpose, Nessus, Qualys, etc.)Strong technical skills related to operating systems, networks, applications, virtualization, and cloud environmentsKnowledge of security best practices, risk assessment, and vulnerability classification (e.g., CVSS, MITRE ATT&CK, etc.)Extensive automation experience using Python, PowerShell, or other common means of automating repeatable work tasksUnderstanding of asset and application management systems and ability to use these systems in a scaled manner to work efficientlyExperience working with information security teams such as fusion centers, security operations centers, vulnerability assessment, vulnerability threat management, and security incident managementStrong understanding of potential compensating controls related to asset and application vulnerability to assist in prioritization of vulnerability remediationMust be a self-starter, self-motivated, and able to work independently with little oversightStrong communications skills and the ability to positively influence vulnerability stakeholdersBachelor's degree required, master's degree preferredDegrees and/or Certifications in information security and similar preferredThe targeted pay range for this position in the following location is / locations are:Poland - Warsaw Office WAO : 124,000 - 198,000 PLN / AnnualOur pay ranges reflect the minimum and maximum target for new hire pay for the full-time position determined by role, level, and location.The pay range shown is based on our compensation structure in place at the time of posting and may be updated periodically based on business needs. Individual pay is based on additional factors including job-related skills, experience, and relevant education and/or training.The targeted pay range listed reflects the base pay only and does not include bonus, equity, or benefits. Employees are eligible for bonus, and equity may be offered depending on the position.Equinix BenefitsAs an employee, you become important to Equinix's success. We ensure all your benefits are in line with our core values: competitive, inclusive, sustainable, connected and efficient. We keep them competitive within the current marketplace to ensure we're providing you with the best package possible. So, wherever you are in your career and life, you'll be able to enhance your experience and bring your whole self to work.Employee Assistance Program: An Employee Assistance program is available to all employees.Core Benefits - Pension: You will be enrolled in the employee capital plan or pension, known as PPK, a contributory pension scheme for you and your employer to save funds intended for withdrawal on retirement. Private Medical Insurance: You may enroll yourself and eligible dependents in Private Medical Insurance (PMI) for greater choice, flexibility, and access to specialist care for short-term illness or injury and so on. Life and Accident Insurance: Equinix provides Life and Accident Insurance cover for its employees which you can enroll in. Other Benefits and Perks - Employees have the option to select and use from a wide range of other benefits including: Annual Leaves, Flex Wallet (flexible spending account), Multi-sport Card, Lunch Pass Card, Discount Portal, statutory allowances and reimbursements (remote working, corrective glasses reimbursement), and paid and unpaid leaves in line with local market practices and regulatory requirements. More details on eligibility and rules for leaves are in Equinix's HR policies. Eligibility and contribution requirements apply to some benefits, in line with company policy. Benefits are subject to specific plan/program or insurer terms and conditions, including changes at Equinix's discretion. Equinix will be compliant will regulatory requirements on benefits and leaves.Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.We use artificial intelligence in our hiring process. Learn more here. Apply tot his job Apply To this Job