Overview
Hybrid
Depends on Experience
Contract - W2
Skills
Compliance
Job Details
Compliance Analytics - Attack Surface Management
Location: San Diego or Mountain View - Remote/In-Office Policy
Hybrid work arrangement (3 days onsite Tuesday-Thursday) at our San Diego office.
Role Type: Contract position (6 months, no extension)
About Our Client
Our client is a leading global financial technology platform that powers various tax preparation, accounting, and personal finance products. With a strong focus on protecting their extensive customer base, their Adversary Management team takes a proactive approach to cybersecurity, working to identify and remediate security vulnerabilities before they can be exploited. The Exposure Management team specifically focuses on identifying and addressing risks in the company's external-facing attack surface, applying an adversarial mindset to strengthen defenses and protect customer data across multiple cloud environments and digital properties.
Job Description
As a Compliance Analytics professional on the Exposure Management team, you will help protect customers by identifying and reporting exploitable risks across the company's external-facing attack surface. Your work will enable the organization to focus remediation efforts on the most critical and high-risk areas while measuring attack surface exposure to adversary threats.
Your day-to-day responsibilities will include tuning commoditized Attack Surface Management (ASM) tools to increase coverage of the organization's external assets, calibrating these tools to eliminate false positives, and building automation to process findings. You will work with web asset data (domains, IPs, servers) to evaluate vulnerabilities and attribute data to specific assets. This role requires a combination of security engineering expertise and development skills, with a focus on bringing high-quality data into the company's data warehouse for analysis and reporting.
The ideal candidate has experience in cybersecurity with a strong background in data analysis, particularly using SQL, and can validate security findings for accuracy. This position offers the opportunity to work at the intersection of defensive security, reconnaissance, and data analytics while developing intelligence capabilities that protect an extensive customer base.
Duties and Responsibilities
Required Experience/Skills
Nice-to-Haves
Education
Join our client's Adversary Management team and help protect millions of customers by strengthening the company's security posture! Apply today to bring your cybersecurity expertise to this critical role in attack surface management.
Keywords: Cybersecurity | Attack Surface Management | ASM | Data Analysis | Python | SQL | Cloud Security | ETL | Vulnerability Assessment | San Diego | Security Engineering | Compliance Analytics
Location: San Diego or Mountain View - Remote/In-Office Policy
Hybrid work arrangement (3 days onsite Tuesday-Thursday) at our San Diego office.
Role Type: Contract position (6 months, no extension)
About Our Client
Our client is a leading global financial technology platform that powers various tax preparation, accounting, and personal finance products. With a strong focus on protecting their extensive customer base, their Adversary Management team takes a proactive approach to cybersecurity, working to identify and remediate security vulnerabilities before they can be exploited. The Exposure Management team specifically focuses on identifying and addressing risks in the company's external-facing attack surface, applying an adversarial mindset to strengthen defenses and protect customer data across multiple cloud environments and digital properties.
Job Description
As a Compliance Analytics professional on the Exposure Management team, you will help protect customers by identifying and reporting exploitable risks across the company's external-facing attack surface. Your work will enable the organization to focus remediation efforts on the most critical and high-risk areas while measuring attack surface exposure to adversary threats.
Your day-to-day responsibilities will include tuning commoditized Attack Surface Management (ASM) tools to increase coverage of the organization's external assets, calibrating these tools to eliminate false positives, and building automation to process findings. You will work with web asset data (domains, IPs, servers) to evaluate vulnerabilities and attribute data to specific assets. This role requires a combination of security engineering expertise and development skills, with a focus on bringing high-quality data into the company's data warehouse for analysis and reporting.
The ideal candidate has experience in cybersecurity with a strong background in data analysis, particularly using SQL, and can validate security findings for accuracy. This position offers the opportunity to work at the intersection of defensive security, reconnaissance, and data analytics while developing intelligence capabilities that protect an extensive customer base.
Duties and Responsibilities
- Increase coverage of the company's attack surface by tuning commoditized Attack Surface Management (ASM) tools to identify external-facing assets.
- Calibrate ASM tools to remove low-fidelity findings and false positives, improving data quality.
- Build automation to Extract/Transform/Load (ETL) findings from ASM tools to data warehouses.
- Publish findings generated by ASM tools to executive reports and data feeds.
- Measure changes in the attack surface over time to identify new and emerging risk areas.
- Evaluate vulnerabilities and help attribute data to company assets.
- Assist in weekly and bi-weekly scans of financial products and integrate results into data warehouses.
- Work with internal teams to share findings and support remediation efforts.
- Help stand up vendor solutions and integrate them into existing security frameworks.
- Apply an adversarial mindset to identify potential security gaps and exposures.
- Research and integrate third-party security solutions as needed.
Required Experience/Skills
- 3+ years of experience in cybersecurity and software development.
- Strong experience with data analysis in a cybersecurity domain, specifically with SQL.
- Proficiency with coding and scripting languages, particularly Python and Bash.
- Demonstrated ability to validate security findings for accuracy and eliminate false positives.
- Experience researching and integrating third-party security solutions.
- Familiarity with agile methodologies and development practices.
- Understanding of external attack surface concepts and security vulnerabilities.
- Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or equivalent experience.
- Ability to work collaboratively in a team environment while handling independent projects.
Nice-to-Haves
- Cloud experience, particularly with AWS environments.
- Familiarity with containerization technologies like Docker.
- Experience with Attack Surface Management (ASM) tools and methodologies.
- Background in defensive security with an adversarial mindset.
- Knowledge of data warehousing concepts and practices.
- Understanding of multi-cloud security challenges and asset exposure between cloud providers.
- Experience with GitHub and collaborative development workflows.
- Background working with web assets like domains, IPs, and servers from a security perspective.
Education
- Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or equivalent experience required.
- Relevant security certifications are a plus.
- Pay & Benefits Summary
- Competitive hourly rate based on experience and qualifications.
- Hybrid work arrangement with 3 days onsite (Tuesday-Thursday) and 2 days remote.
- Opportunity to work with a leading financial technology company.
- Exposure to cutting-edge cybersecurity tools and methodologies.
- Collaborative work environment with security professionals.
Join our client's Adversary Management team and help protect millions of customers by strengthening the company's security posture! Apply today to bring your cybersecurity expertise to this critical role in attack surface management.
Keywords: Cybersecurity | Attack Surface Management | ASM | Data Analysis | Python | SQL | Cloud Security | ETL | Vulnerability Assessment | San Diego | Security Engineering | Compliance Analytics
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.