Attack Surface Management Senior Analyst – Cloud & Cybersecurity

What success looks like in this role:

The Attack Surface Management (ASM) team plays a crucial role in minimizing the attack vector and surfaces within the organization. We are currently seeking an experienced analyst to oversee and execute ASM processes. This role involves collaborating with other security teams to manage the enterprise attack surface using various tools such as scorecard platforms, external exposure management, threat detection, EDR, SOAR, and privilege management tools. The position also encompasses managing the security posture in the cloud, requiring expertise in AWS, GCP, Azure, and familiarity with CIS security controls in cloud environments.

• Monitors the company’s IT systems and network activity for any irregularities and anomalies to ensure that no suspicious activities are happening and to prevent attacks against the corporate IT assets and data.

• Identifies threats, and work to determine what caused the anomaly within the system and how can prevent it from happening again.

• Handles complex incidents conducting investigations of affected systems, reviewing logs, focusing on containment, and initiating remediation actions. Also participates in root cause analysis, system restoration activities and developing reports on security issues.

• Articulates security policies, guidelines, and standards to different parties.

• Works independently within an established framework and stays up to date on the latest security threats.

• Evaluates, tests, recommends, coordinates, monitors, and maintains information systems (IS) and cyber security policies, procedures.

• Participates in security audits by helping with preparation and reviewing data afterward.

You will be successful in this role if you have:

#LI-AB1

• Strong fundamental (networking, operating systems, cyber security tools and techniques) skills

• Familiarity with common web vulnerabilities, including XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws

• Familiarity with Cloud Infrastructures and Services, knowledge of CIS controls for Cloud and drive implementation

• Understanding of common web application frameworks and web-based API

• Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc.

• Solid understanding of Open-Source Intelligence (OSINT) gathering techniques to support ASM (subdomain discovery/enumeration, service and application enumeration, content discovery, etc.)

• Ability to manage, organize, analyze, and present substantial amounts of data

• Capable of working effectively and efficiently with minimal supervision

• Strong understanding of OWASP common vulnerabilities and testing methodologies

• Ability to communicate risks caused by web-based application vulnerabilities

• Fluent English skill, both written and verbal
   

  What do we offer?

• Monthly gross 35.000 HUF cafeteria - regardless of your weekly working hours 
• Private Health Insurance - Premium Package provided for all Unisys associates after 1-year tenure 
• Home office allowance 
• Last and foremost, a great team, also a lot of learning and training opportunities 

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4).  US job seekers can find more information about Unisys’  EEO commitment here.