Company name
Best Buy
Location
Richfield, MN, United States
Employment Type
Full-Time
Industry
It, Retail
Posted on
Sep 18, 2021
Profile
Best Buy
The Attack Surface Management (ASM) Senior Analyst independently manages team programs, projects, operations, and improvement initiatives in support of managing technical risk at scale across Best Buy. They work closely with IT and business groups to assist in the collection, analysis, and dissemination of vulnerability and configuration risk data. The Senior Analyst ensures that all business requests for service are dealt with promptly and professionally and that services are delivered according to the agreed schedule. They help manage stakeholder expectations and have responsibility for the business's satisfaction with how technical risk is managed.
The ASM Senior Analyst will train and mentor analysts on systems and standard operating procedures, manage multiple operational scopes of technical risk responsibility, and consistently work to formalize and improve the technical risk management processes. They must have a solid technical security foundation and be agile, quick learners for both processes and technologies to help support ASM technical assessment tools. The Senior Analyst needs to have a strong understanding of vulnerability and configuration risk identification, the critical business processes of Best Buy, and the systems that support them.
Core Responsibilities:
Research / Analytics
Review data and triage appropriately; understand vulnerabilities and misconfigurations, and make connections to broader potential threats
Proactively review technical data, interpret results, and form data-driven opinions to make recommendations on risk
Prioritize risk efficiently and appropriately; challenge assumptions and methodologies
Work with internal teams to respond to vulnerabilities
Documentation
Assist in shaping, tailoring, and delivering final documentation to leaders/clients
Assist in drafting reporting templates
Organize reports based on existing data sets; update/maintain the contents of various existing reports or data sets
Assist with determining which process and workflows should be utilized
Collaboration/Communications
Create or revise process documents/SOPs utilized by internal teams
Work with, and provide, day-to-day work direction to contingent workers on tasks, SOPs, etc.
Develop and maintain cross-functional partnerships; build relationships across teams and anticipate client needs
Build cross-functional capabilities to improve management of secure system configurations
Operations & Process Improvement
Manage ongoing vulnerability and configuration Health compliance requirements
Coordinate, execute, and deliver training sessions
Maintain and organize operating procedure content on internal documentation sites
Identify and understand potential vulnerabilities, gaps, or opportunities that may exist and communicate to leaders
Provide recommendations on solutions to fix/close identified gaps
Minimum Requirements:
2 years of experience working with vulnerability management and IT patching processes
2 years of experience in information technology, information security, or related fields
2 years of experience with Windows, Linux, Unix, and/or mobile platforms
1 years of experience with information security concepts, network architecture, hardware and software troubleshooting, and vulnerability/configuration management
Preferred Experience:
2 years of experience working with application-level vulnerability management
2 years of experience working with secure systems configuration management
2 years of experience designing or re-engineering business/IT processes
Experience with cloud-based IT systems and related security risks/controls
Experience with container-based IT solutions and related security risks/controls
Company info
Best Buy
Website : http://www.bestbuy.com