Full-Time Attack Surface Management Engineer

Attack Surface Management Engineer is responsible for attack surface management activities, ensuring full visibility and actionability of Experian's attack surface, minimizing risk.

Works with the Cyber Fusion Centre for incident response, providing attack surface management discovery.

Responsibilities:

• Assisting in cybersecurity incident response, identifying vulnerable assets.
• Improving and iterating on attack surface management processes to strengthen visibility and knowledge.
• Collaborating with partners for ASM communication and reporting throughout incidents.
• Validating vulnerabilities across all asset types, demonstrating exploitation and remediation/fix verification.
• Performing programmatic and ad-hoc asset discovery to address coverage gaps.
• Implementing the attack surface management program, including scanning results interpretation.
• Identifying internal and external risks based on scanning results.
• Assigning findings to relevant business owners.
• Improving scan coverage.

Functional Requirements:

• Expert-level engineering experience in one of these areas: Networking/Protocols, Middleware, Network Infrastructure, Network Appliances, APIs, Cloud Infrastructure, Cloud Services, Mobile Devices, Mobile Applications, IoT, Endpoints, Operating Systems, Wireless networking, Third-party Integrations, Data Storage, Databases, CICD, Application Dependencies.
• Working knowledge of network security principles (segmentation, firewalls, VPNs).
• Understanding of networking standards and protocols (IPv4, IPv6, TCP/IP, DNS, HTTPS, TLS, BGP, Firewalls, NAT, SMTP, VPN, ICMP, SSH, IPSec).
• Solid understanding of risk identification and rating using frameworks like OWASP, SANS, NIST 800-61, CVSS, CIS, OSSTM, ISO 27001, MITRE ATT&CK, PCI, HIPAA, GDPR, CMMC, and others.
• Knowledge of industry-standard AI security practices.
• Familiarity with major cloud platforms (AWS, Azure, GCP).
• Cloud security practices and incident response experience in cloud-based infrastructure.
• Documentation of incident response activities (timelines, actions, lessons learned).

What is the last date for applying to the job?

Which countries are accepted for this remote job?