Security Analyst - Active Threat and Vulnerability Defense

Job Location

Job Description

Overview:

We are seeking a motivated and detail-oriented Junior Security Analyst to support our Active Threat and Vulnerability Defense (ATVD) program. This role is ideal for individuals with a strong interest in cybersecurity, a foundational understanding of vulnerabilities and common threats, and a desire to grow in a fast-paced security environment. In this role, you will be identifying, assessing, and remediating vulnerabilities across P&G systems while collaborating with Cyber Threat Intelligence (CTI), patching teams, application owners, development teams, and security leaders throughout the organization.

At Procter & Gamble, we embrace a hybrid work model that combines the flexibility of remote work with the collaborative benefits of in-office engagement. Employees can enjoy the option to work from home two days a week while also spending time in the office to foster teamwork and enhance communication.

Key Responsibilities:

• Vulnerability Scanning Support: Run vulnerability scans across endpoints, servers, networks, and cloud assets. Utilize scanning tools to identify potential vulnerabilities and ensure comprehensive coverage.
• Data Review and Analysis: Review and analyze vulnerability data to prioritize findings. Generate reports that provide actionable recommendations for remediation efforts.
• Remediation Tracking and Support: Track ongoing remediation efforts, follow up on mitigation progress, and assist in the timely management of patch cycles to ensure vulnerabilities are addressed.
• Threat Intelligence Monitoring: Monitor threat intelligence feeds for new vulnerabilities and assess their potential impact on organizational systems. Contribute to the understanding of emerging threats.
• Collaboration with Teams: Collaborate with security, infrastructure, and development teams to validate findings and provide context on risks associated with vulnerabilities.
• Stakeholder Communication: Assist in communicating vulnerability posture to IT and business stakeholders, translating technical information into understandable terms.
• Process Improvement: Maintain and improve internal tools and processes for tracking threats, exposures, and mitigation activities to enhance operational efficiency.
• Scripting and Automation: Support automation efforts by developing scripts to streamline vulnerability scanning and reporting processes, enhancing overall efficiency.
• Continuous Learning: Stay updated on global threat trends, security advisories, and zero-day vulnerabilities. Engage in learning opportunities to deepen knowledge of vulnerabilities, exploits, and security frameworks.
• Proactive Attitude: Demonstrate eagerness to learn and adopt cybersecurity best practices, contributing to a culture of security awareness within the organization.

Job Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
• Experience using vulnerability scanning tools and platforms related to vulnerability management.
• Familiarity with common security concepts and industry frameworks such as MITRE ATT&CK, CVEs, CVSS scoring, good understanding of patching processes, and attack vectors.
• Strong technical skills, including proficiency in scripting (Python, Bash, PowerShell, or equivalent) and experience with API integration, automation, and security tools.
• Strong analytical and problem-solving skills with keen attention to detail.
• Good written and verbal communication skills, especially in translating technical issues for non-technical audiences.
• Eagerness to learn and a proactive attitude toward embracing cybersecurity best practices.
• Preferred experience with Vulnerability Analysis, Enterprise Endpoint Security and Security Orchestration, Automation and Response (SOAR), Network Scanning, Network Security (IPS/IDS), Security Protocols and Operating Systems (Windows, Unix, Linux), Log Analysis and Correlation.

Job Schedule

Job Number

Job Segmentation