Information Security Analyst - VM

HMH is a learning technology company committed to delivering connected solutions that engage learners, empower educators and improve student outcomes. As a leading provider of K–12 core curriculum, supplemental and intervention solutions, and professional learning services, HMH partners with educators and school districts to uncover solutions that unlock students’ potential and extend teachers’ capabilities.

HMH serves more than 50 million students and 4 million educators in 150 countries. HMH Technology India Pvt. Ltd. is our technology and innovation arm in India focused on developing novel products and solutions using cutting-edge technology to better serve our clients globally. HMH aims to help employees grow as people, and not just as professionals. For more information, visit www.hmhco.com

Duties and Responsibilities:

• Conduct daily assessment of internal and external vulnerabilities identified by infrastructure scans.
• Evaluate, rate, and perform risk assessments on assets based on scan results.
• Prioritizing vulnerabilities discovered along with remediation timeline(s) while working with different agencies and owners, as well as the vulnerability management team.
• Send and receive notifications to responsible system owner, including customers, vendors, and internal teams of vulnerabilities within the environment.
• Maintain knowledge of the threat landscape.
• Provide reporting and analysis and follow up.
• Provide vulnerability analysis and produce reports for management.
• Participate collecting, assessing, and cataloging threat indicators.
• Compile and track vulnerabilities over time for metrics purposes.
• Develop and maintain strong relationships with business departments and their security principals.
• Conduct VMP review meetings with System owners and custodians

Preferred Knowledge, Skills, and Abilities:

• Minimum two (5) years of professional and/or practical experience in the field of information technology security providing technical guidance across systems, networks, and applications to vulnerability management teams and end users required.
• Experience with systems, networks, and/or applications related to vulnerability management systems and patch management.
• Ability to work with third party penetration vendors conducting network/perimeter/application pen tests, including scoping, running, working with the vendor, and post-scanning remediation efforts and deliverables.
• Strong understanding and experience working with Windows and Linux desktop and network operating systems and patching.
• Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments (Amazon Web Services (AWS) or Microsoft Azure).
• Proficient with System/Networking concepts including TCP/IP, DHCP, DNS, Subnetting, Packet tracing, Routing, VLANs, VPN, Active Directory, O365, SSL Certificates.
• Knowledge of vulnerability scoring systems (CVSS/CMSS).
• Experience with network, systems, and application vulnerability scanning tools (Rapid7, Crowdstrike, Tenable IO, Cloud Security, Attack Surface Management, Palo Alto Xpanse).
• Ability to clearly communicate priorities and escalation points/procedures to other team members.
• Detail oriented, organized, methodical follow up skills with an analytical thought process.
• Excellent writing and presentation skills are required to communicate findings and status.
• Ability to learn new technologies in a fast-paced energized environment.
• Proficient with scripting (e.g. Python, JavaScript, PowerShell, PHP or Ruby), a plus
• Security certifications desired, but not required.

HMH Technology Private Limited is an Equal Opportunity Employer and considers applicants for all positions without regard to race, colour, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. We are committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation. For more information, visit https://careers.hmhco.com/. Follow us on Twitter, Facebook, LinkedIn, and YouTube.