Reference: JO-2408-7151 What if you could do the kind of work the world needs? At WSP, you can access our global scale, contribute to landmark projects and connect with the brightest minds in your field to do the best work of your life. You can embrace your curiosity in a culture that celebrates new ideas and diverse perspectives. You can experience a world of opportunity and the chance to shape a career as unique as you. Attack Surface Reduction Analyst Position Summary: The Attack Surface Reduction Analyst will play a critical role in enhancing our organization's cybersecurity posture by identifying, assessing, and mitigating vulnerabilities and threats across our digital environment. This role involves a combination of strategic analysis, hands-on implementation, and collaboration with various teams to reduce our attack surface and improve our overall security resilience. Specific areas of responsibility may fall into any one of the following areas of Attack Surface Reduction: Vulnerability Assessment: Conduct thorough assessments to identify potential vulnerabilities and weaknesses in our systems, applications, and networks. Attack Surface Analysis: Analyze and map out the organization's attack surface, including endpoints, network components, applications, and cloud environments, to identify areas of risk. Mitigation Strategies: Develop and implement strategies and controls to reduce attack vectors and minimize potential entry points for malicious activities. Risk Evaluation: Continuously evaluate emerging threats and vulnerabilities and assess their impact on our attack surface. Incident Response Support: Collaborate with the Incident Response team to address and resolve security incidents related to identified vulnerabilities or attack vectors. Collaboration: Work closely with I&O, Risk, SOC, SecDevOps, and other relevant teams to integrate security practices into the development and deployment processes. Security Tools: Utilize and configure security tools and technologies for vulnerability scanning, threat intelligence, and attack surface monitoring. Documentation & Reporting: Maintain detailed documentation of vulnerabilities, risk assessments, and mitigation actions. Prepare and present reports to stakeholders on security posture and risk status. Continuous Improvement: Stay current with industry trends, threat intelligence, and emerging technologies to continually enhance our attack surface reduction strategies. Leadership and People Responsibilities: Develop positive working relationships with other team members and business partners across teams to align with WSP's internal and external client demands. Provide feedback on the governance process for continued improvement. Finance/Budgetary Responsibilities: Provide feedback on tooling and identify additional needs. Plan for the expansion of security tools to cover ongoing needs. Evaluation of license usage and potential growth. What you'll bring to WSP Required: 7+ years related experience in Security Operations, Network Security, Vulnerability Management or similar position. Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering, Data Sciences, or related field. Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing. Proficiency in security tools: Microsoft Defender, Microsoft Defender EASM, BitSight, Cybel Angel and others. Strong analytical skills with a keen eye for detail and accuracy. Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders. Experience with IT Governance frameworks such as COBIT, ITIL, NIST and ISO 2700x. Experience with risk management, including risk analysis, mitigation, and monitoring. What sets you apart: Master's degree in Information Technology, Computer Science, Engineering, Data Sciences or related field. Security+, CISSP, or other related certifications. Our benefit package is highly competitive and includes the following: Flexible and hybrid working arrangements. Comprehensive medical insurance. Unspecified sick leave. Personal development and well-being grant. Progressive parental leave policy. Option to purchase up to 4 additional weeks of annual leave. Reimbursement of up to 2 annual professional memberships. Community day. Employee Assistance Programme. Multiple discounted products and services, and more. Due to the nature of this role, you may need to work outside of standard business hours. Please note that we can only consider applicants with long-term open work rights in New Zealand who do not require AEWV sponsorship and will not provide relocation support for this role. Imagine a better future for you and a better future for us all. Join our close-knit community of talented individuals who share your passion for making a positive impact. Our global team includes more than 69,000 employees, working together to make a difference in communities both close to home and around the world. With us, you can. Apply today. #J-18808-Ljbffr
