Overview
On Site
Full Time
Skills
AIM
Information Security
IT Infrastructure
Security Engineering
Incident Management
Strategic Management
Vulnerability Management
Bloomberg
Partnership
Workflow
Reporting
Cadence
Vulnerability Scanning
IT Operations
Systems Management
Linux
Microsoft Windows
System Administration
IT Security
IaaS
Security Management
Organizational Skills
Management
Agile
Amazon Web Services
Microsoft Azure
Cloud Security
Cisco Certifications
Cloud Computing
Hardening
Scrum
PMP
Risk Management
Computer Science
Job Details
Our Team:
The Threat and Vulnerability Management Team (TVM) is dedicated to making our systems and technologies as secure as possible. We protect Bloomberg. We partner with internal technical departments to ensure the confidentiality, integrity, and availability of Bloomberg systems and the data we process. We aim to ensure that our clients see us as a trusted partner.
We report to the Chief Information Security Office (CISO) that owns the technical aspects of this mission by ensuring that Bloomberg products, systems, networks and commercial applications are built and maintained to be secure.
We work on purpose. Come find yours.
What's The Role?
We are seeking an IT Security Analyst to help ensure that our Public Cloud IT infrastructure and security processes are resilient against the latest threats. You will be responsible for analyzing and assessing vulnerabilities across a wide range of technologies. You'll engage with various technology partners to validate and manage identified vulnerabilities through remediation. You will work directly with other cross-department security engineering and incident response teams to set strategic direction for our enterprise Threat and Vulnerability Management program.
This is a team that drives company-wide initiatives to improve the effectiveness of Bloomberg's security posture. Analysts in this role must show exemplary judgment in making technical decisions to achieve business goals. You're expected to always demonstrate resilience and navigate difficult situations with composure and tact.
We'll Trust You To:
- Perform IT Security assessments and partner with other security or IT professionals to assess potential impact from vulnerabilities and determine appropriate mitigating controls
- Build strong partnerships with technical teams to promote best practices for managing vulnerabilities, initiate and track remediation through to completion
- Understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs
- Help standardize workflows, processes, procedures and reporting
- Partner with Cloud Engineering teams to establish security baselines and best practices
- Provide security guidance to Cloud Engineering teams encompassing perimeter, misconfigurations, asset visibility, policies, container, patching cadence, and vulnerability scanning
- Produce metrics and key performance indicators that demonstrate the effectiveness of remediation efforts
- Improve the design and usefulness of our IT Security management tools and solutions.
- Have excellent interpersonal and effective communications skills
You'll need To Have:
- Solid knowledge of Cloud Security and able to rate vulnerabilities appropriately in the context of the infrastructure & application stack
- 10+ years of proven IT operations, systems management, or IT Security related experience
- Hands-on expertise working with enterprise and cloud architectures
- Understanding of Linux and Windows OS, system administration and engineering
- Knowledge of IT security and system hardening best practices
- Solid understanding of Public Cloud infrastructure concepts and terminologies
- Experience analyzing vulnerability findings from IT and Security management tools
- Understanding of industry security standards such as CVE, CPE, CVSS & NIST
- Ability to interpret complex data sets to make informed risk-based decisions
- Strong organizational skills and can effectively manage complex tasks, projects, and agile framework
We'd love to see:
- AWS / Azure Solutions Architect, which is highly preferred
- A Certified Cloud Security Professional (CCSP), is a plus
- Experience building Cloud Resources and hardening them to CIS standards
- SCRUM Master Certification / PMP Certified
- Solid understanding of Risk management frameworks and security tools
- Ability to learn and implement technologies quickly
- Bachelor's degree in Computer Science, Engineering, or other related fields
The Threat and Vulnerability Management Team (TVM) is dedicated to making our systems and technologies as secure as possible. We protect Bloomberg. We partner with internal technical departments to ensure the confidentiality, integrity, and availability of Bloomberg systems and the data we process. We aim to ensure that our clients see us as a trusted partner.
We report to the Chief Information Security Office (CISO) that owns the technical aspects of this mission by ensuring that Bloomberg products, systems, networks and commercial applications are built and maintained to be secure.
We work on purpose. Come find yours.
What's The Role?
We are seeking an IT Security Analyst to help ensure that our Public Cloud IT infrastructure and security processes are resilient against the latest threats. You will be responsible for analyzing and assessing vulnerabilities across a wide range of technologies. You'll engage with various technology partners to validate and manage identified vulnerabilities through remediation. You will work directly with other cross-department security engineering and incident response teams to set strategic direction for our enterprise Threat and Vulnerability Management program.
This is a team that drives company-wide initiatives to improve the effectiveness of Bloomberg's security posture. Analysts in this role must show exemplary judgment in making technical decisions to achieve business goals. You're expected to always demonstrate resilience and navigate difficult situations with composure and tact.
We'll Trust You To:
- Perform IT Security assessments and partner with other security or IT professionals to assess potential impact from vulnerabilities and determine appropriate mitigating controls
- Build strong partnerships with technical teams to promote best practices for managing vulnerabilities, initiate and track remediation through to completion
- Understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs
- Help standardize workflows, processes, procedures and reporting
- Partner with Cloud Engineering teams to establish security baselines and best practices
- Provide security guidance to Cloud Engineering teams encompassing perimeter, misconfigurations, asset visibility, policies, container, patching cadence, and vulnerability scanning
- Produce metrics and key performance indicators that demonstrate the effectiveness of remediation efforts
- Improve the design and usefulness of our IT Security management tools and solutions.
- Have excellent interpersonal and effective communications skills
You'll need To Have:
- Solid knowledge of Cloud Security and able to rate vulnerabilities appropriately in the context of the infrastructure & application stack
- 10+ years of proven IT operations, systems management, or IT Security related experience
- Hands-on expertise working with enterprise and cloud architectures
- Understanding of Linux and Windows OS, system administration and engineering
- Knowledge of IT security and system hardening best practices
- Solid understanding of Public Cloud infrastructure concepts and terminologies
- Experience analyzing vulnerability findings from IT and Security management tools
- Understanding of industry security standards such as CVE, CPE, CVSS & NIST
- Ability to interpret complex data sets to make informed risk-based decisions
- Strong organizational skills and can effectively manage complex tasks, projects, and agile framework
We'd love to see:
- AWS / Azure Solutions Architect, which is highly preferred
- A Certified Cloud Security Professional (CCSP), is a plus
- Experience building Cloud Resources and hardening them to CIS standards
- SCRUM Master Certification / PMP Certified
- Solid understanding of Risk management frameworks and security tools
- Ability to learn and implement technologies quickly
- Bachelor's degree in Computer Science, Engineering, or other related fields
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.