Threat Governance Engineer I

5 hours ago

FICO

Finance • Artificial Intelligence • SaaS

FICO is a leading analytics and software company renowned for its FICO® Score, a tool widely used by lenders to assess credit risk. The company offers a comprehensive platform that leverages data, AI, and machine learning to power intelligent decision-making and customer engagement across various industries. FICO's solutions span fraud detection, credit scoring, and customer lifecycle management, making it vital to sectors such as finance and telecommunications. Its innovative products help businesses optimize outcomes through real-time analytics, business composability, and scenario management.

📋 Description

• Collaborate with the FICO Cyber Security Team, Business and IT partners, and clients.
• Act as an internal subject matter expert with respect to vulnerability and compliance scanning and reporting.
• Implement new and iterate on existing technology to help identify and mitigate security issues.
• Validate and triage identified threats.
• Contribute to team strategy in managing threats and vulnerabilities.
• Develop, evangelize, and iterate on threat and vulnerability management practices.
• Conduct required tasks for the vulnerability scanning program and publish reported vulnerabilities to impacted teams for remediation.
• Triage and risk rank vulnerabilities according to severity and exposure.
• Work with Product and IT teams to risk rank and patch vulnerabilities related to the technology stack.
• Develop remediation plans for vulnerabilities.
• Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
• Conduct or support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.
• Continuously review the configuration management and vulnerability management posture inside the company, and stay aware of all external developments that could bring new risks, including vendor patches, zero-day exploits, end-of-life systems or deprecated services.
• Bring a strong thought process to enhancing the current capabilities of cloud asset management, cloud vulnerability management and cloud patch management.
• Create reports for stakeholders to support effective remediation, and metrics for leadership.

🎯 Requirements

• Security+, CEH or another similar info security/IT certification is desired.
• 2-4 years of experience with Wiz, Qualys or other cloud security and vulnerability scanning technology required.
• Demonstrates subject-matter-expert-level understanding in multiple IT, security and software disciplines.
• Ability to understand the cause and effect of application vulnerabilities with operating system vulnerabilities.
• Must be able to multi-task and keep track of large amounts of information across disparate systems.
• Ability to keep making progress and define future strategy/policy with regard to vulnerability management.
• Adheres to a "continuous monitoring" and "continuous improvement" thought process.
• Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred).
• Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture.
• Knowledge of any scripting language is nice to have (Python, Java, Shell, Bash).
• Moderate documentation and analytical skills; documenting processes, policies and standards.
• Knowledge of the current threat landscape is good to have.

🏖️ Benefits

• An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
• The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
• Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
• An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.
