Security and Risk Analyst (Exposure Management)

This role supports Asurion’s Exposure Management program by maintaining a centralized view of vulnerabilities and supporting risk-based remediation across the organization. The position works within the team to incorporate new data sources, implements changes that enhance risk models, and engages with internal teams.

As part of the Security Development team, the role works with a broad set of software security tools (SAST, SCA, DAST, CSPM, and custom solutions) to streamline their use for internal customers. Empathy for the needs of developers and DevOps engineers are essential, with hands-on experience with cloud service providers and creating automations strongly preferred.

The role requires partnering with teams across the organization to increase tool adoption, raise awareness, and provide technical guidance on remediation and best practices.

Candidates with experience developing software in a team environment as well as the ability to utilize APIs with Python to integrate and automate processes is strongly preferred. Candidates should be comfortable working as part of a team through ambiguous situations.

Day to Day tasks:

• Administration and enhancement of our software security and exposure management tools, empowering teams to maintain the security of Asurion.
• Collaborate with teams throughout the global enterprise to better understand their needs, then translate that into extensions or customizations of our existing capabilities.
• With supervision, develop, deploy, and support custom enterprise tools using AWS, Azure, and other cloud technologies.
• Perform internal consulting to assist dev teams in adopting best practices for their enterprise applications.

Qualifications:

• Strongly preferred experience:
  • Linux and/or Container administration
  • Python, Groovy, Node.js, or Java
  • Cloud technologies such as AWS, Azure, or Google
  • Vulnerability management tools such as Brinqa, Unified Vulnerability Management, etc.
  • Cloud Security Posture Management (CSPM) tools such as Wiz, Orca or Prisma.
• Ability to build positive relationships across teams, preferably in a global environment.
• The perseverance to drive hard problems to resolution under supervised guidance.
• Strong sense of ownership over your work.
• Experience with SIEM tools, such as Splunk or Sumo Logic.
• The ability and the desire to learn new technologies in a fast-paced environment.
• Strong written and verbal communication skills. Ability to clearly communicate technical issues to a non-technical audience.
• Bachelor’s Degree in Computer Science, Software Engineering, Computer Engineering, Electrical Engineering, Electronics Engineering, or related field.