Associate Vulnerability Analyst

About Acquia:

Acquia, is transforming the digital strategies of companies all over the world with our open cloud platform. We are passionate and relentlessly committed to helping our clients create digital experiences that are more relevant, personalized, and built for a fast-changing, always-connected, mobile-first world. Headquartered in the US, we have been named as one of North America’s fastest growing software companies as reported by Deloitte and Inc. Magazine, and have been rated a leader by the analyst community and named one of the Best Places to Work by the Boston Business Journal. We are Acquia. We are building for the future of the web, and we want you to be a part of it.

About the role you are applying for...

Acquia’s global Vulnerability Management team is seeking an Information Security Analyst to work in our Pune, India office. In this role, you will perform asset management, vulnerability analysis, risk evaluation, and patch scheduling.

You keep up to date on global vulnerability news and security notices. You maintain a vulnerability watch on multiple products and their security patching. 

Responsibilities include, but are not limited to:

• Organization and management of assets across multiple products.
• Security alert ticket triage and investigation, through to ticket closure.
• Complete essential daily analysis tasks to help ensure Acquia’s sites and infrastructure are safe.
• Perform daily review of high risk vulnerability exposures.
• Perform monthly analysis on vulnerability reports.
• Perform weekly and monthly audit tasks for Acquia’s security compliance requirements.
• Perform threat analysis of new CVEs, and track packages and software across the Acquia platform.
• Maintain a general knowledge of common security vulnerabilities, attack vectors, methods, and remediation techniques (DDOS, Man in the Middle, Brute Force, SQL Injections, Cross-Site Scripting, Cross-Site Forgery Request).
• Continue to develop your technical knowledge and skills to stay ahead of the threat.
• Develop reporting structures for both vulnerability management and compliance standards.

To be successful in this role, you must have…

• 6 months to 3 years prior experience working as a security analyst or part of a security operations center.
• Experience with one or more vulnerability management tools, such as Qualys, Rapid7, Tenable.
• Familiarity with Linux, Apache, Nginx, MySQL and securing cloud based platforms (AWS/Azure/GCP).

You may get bonus points if you have experience with...

• Desire to become a subject matter expert in the role, demonstrating a willingness to learn and a can do attitude.
• Understanding of web technologies. ( HTTP, DNS, PKI and Networking ) is essential.
• Takes on additional responsibilities to fill in the gaps. Owns deliverables, accountable for results. Recognizing when it's appropriate to jump in and own it, and also when to provide support and collaboration.
• Adopts a team approach, acknowledging and appreciating efforts, contributions, and compromises. Recognizes the common purpose of the team and respects team decisions.
• Ability to triage and track highly critical vulnerability exposures and thoroughly communicate across a global team.
• Must be dependable, reliable, and able to work independently and as a member of a team.
• Strong problem-solving abilities, initiative, and ability to thrive under pressure.
• Excellent interpersonal and communication skills.
• Security qualifications such as CCNA, CISSP, CEH, OSCP and GCIH are beneficial.

Individuals seeking employment at Acquia are considered without regard to race, color, religion, caste, creed, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. Whatever you answer will not be considered in the hiring process or thereafter.