Job Description/Preferred Qualifications

We are in search of a Cyber Security Governance Analyst to join our Enterprise Vulnerability Management (EVM) program. The qualified individual will work with the broader security team to mature our program, assess security risks, and communicate/facilitate remediation of those risks. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.
This position will be assisting with critical initiatives for short- as well as long-term plans to identify and reduce the attack surface across the infrastructure landscape. Use of automated tools to identify, assess, and report is critical, with emphasis placed on effective communication to constituents relying on applications and systems that support their business. Vulnerability management analysts take an active role to inform and partner with business units to help better secure their operations.

• Use tooling to identify, classify, and report on vulnerabilities in all KLA environments

• Assist in execution of efforts to protect the organization’s information assets

• Work with internal and external tools and services to identify and classify vulnerabilities and risk to the company

• Work with IT and business partners to mitigate risks and develop remediation plans

• Conduct system, network, or software vulnerability audits, assessments, and penetration testing in accordance with established processes and procedures

• Conduct information system risk assessments and support compliance documentation and system accreditation requirements

• Maintain an active curiosity about Cybersecurity trends and advisories to stay current on up-to-date vulnerabilities and exploits

• Pursuit or completion of Security related certification (CISSP, PNPT, Sec+, etc.)

• Experience with vulnerability management in an enterprise environment

• Computer, infrastructure (full tech stack) and operating system knowledge

• Ability to multi-task, adapt to changes quickly and handle heavy ticket volumes

• Self-motivated with the ability to work in a fast-paced environment

• Familiarity with various network and host-based security applications and tools, such as assessment/scanning tools, intrusion detection systems, and other security software packages

• Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)

• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy

• In depth knowledge of one or more IT domains (Networking, Systems, Cloud, DevOps)

Minimum Qualifications

• Completion of a bachelor’s degree from an accredited course of study, in Information Assurance, Cybersecurity, IT Security, Computer Science, Information Technology or corresponding years of professional experience in an IT or Cybersecurity role

• Experience as an IT Administrator supporting different domains of IT infrastructure (Network, Systems, etc.)

• Experience working collaboratively across departments and coordinating project tasks and tracking to completion

• Ability to work under minimum supervision while taking initiative on new tasks and driving them to completion

• Curiosity to learn new systems and work with collaborators to understand their business processes to develop compatible solutions

Interns are eligible for some of the benefits listed. Our pay ranges are determined by role, level, and location. The range displayed reflects the pay for this position in the primary location identified in this posting. Actual pay depends on several factors, including state minimum pay wage rates, location, job-related skills, experience, and relevant education level or training. We are committed to complying with all applicable federal and state minimum wage requirements where applicable. If applicable, your recruiter can share more about the specific pay range for your preferred location during the hiring process.