Enterprise Vulnerability Management Analyst

Company Overview

Job Description/Preferred Qualifications

We are in search of a Cyber Security Governance Analyst to join our Enterprise Vulnerability Management (EVM) program. The qualified individual will work with the broader security team to mature our program, assess security risks, and communicate/facilitate remediation of those risks. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.
This position will be assisting with critical initiatives for short- as well as long-term plans to identify and reduce the attack surface across the infrastructure landscape. Use of automated tools to identify, assess, and report is critical, with emphasis placed on effective communication to constituents relying on applications and systems that support their business. Vulnerability management analysts take an active role to inform and partner with business units to help better secure their operations.

What You Will Be Doing

• Use tooling to identify, classify, and report on vulnerabilities in all KLA environments

• Assist in execution of efforts to protect the organization’s information assets

• Work with internal and external tools and services to identify and classify vulnerabilities and risk to the company

• Work with IT and business partners to mitigate risks and develop remediation plans

• Conduct system, network, or software vulnerability audits, assessments, and penetration testing in accordance with established processes and procedures

• Conduct information system risk assessments and support compliance documentation and system accreditation requirements

• Maintain an active curiosity about Cybersecurity trends and advisories to stay current on up-to-date vulnerabilities and exploits

Desired Qualifications:

• Pursuit or completion of Security related certification (CISSP, PNPT, Sec+, etc.)

• Experience with vulnerability management in an enterprise environment

• Computer, infrastructure (full tech stack) and operating system knowledge

• Ability to multi-task, adapt to changes quickly and handle heavy ticket volumes

• Self-motivated with the ability to work in a fast-paced environment

• Familiarity with various network and host-based security applications and tools, such as assessment/scanning tools, intrusion detection systems, and other security software packages

• Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)

• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy

• In depth knowledge of one or more IT domains (Networking, Systems, Cloud, DevOps)

Minimum Qualifications

• Completion of a bachelor’s degree from an accredited course of study, in Information Assurance, Cybersecurity, IT Security, Computer Science, Information Technology or corresponding years of professional experience in an IT or Cybersecurity role

• Experience as an IT Administrator supporting different domains of IT infrastructure (Network, Systems, etc.)

• Experience working collaboratively across departments and coordinating project tasks and tracking to completion

• Ability to work under minimum supervision while taking initiative on new tasks and driving them to completion

• Curiosity to learn new systems and work with collaborators to understand their business processes to develop compatible solutions

Interns are eligible for some of the benefits listed. Our pay ranges are determined by role, level, and location. The range displayed reflects the pay for this position in the primary location identified in this posting. Actual pay depends on several factors, including state minimum pay wage rates, location, job-related skills, experience, and relevant education level or training. We are committed to complying with all applicable federal and state minimum wage requirements where applicable. If applicable, your recruiter can share more about the specific pay range for your preferred location during the hiring process.

KLA is proud to be an Equal Opportunity Employer. We will ensure that qualified individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us at talent.acquisition@kla.com or at +1-408-352-2808 to request accommodation.

Be aware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as KLA employees.  KLA never asks for any financial compensation to be considered for an interview, to become an employee, or for equipment. Further, KLA does not work with any recruiters or third parties who charge such fees either directly or on behalf of KLA. Please ensure that you have searched KLA’s Careers websitefor legitimate job postings.  KLA follows a recruiting process that involves multiple interviews in person or on video conferencing with our hiring managers.  If you are concerned that a communication, an interview, an offer of employment, or that an employee is not legitimate, please send an email to talent.acquisition@kla.com to confirm the person you are communicating with is an employee. We take your privacy very seriously and confidentially handle your information.