Vulnerability Management Analyst

JOB DESCRIPTION

Calling all originals: At Levi Strauss & Co., you can be yourself — and be part of something bigger. We’re a company of people who like to forge our own path and leave the world better than we found it. Who believe that what makes us different makes us stronger. So add your voice. Make an impact. Find your fit — and your future.

Summary of the role:

Specializes in identifying, monitoring, and securing the organization’s external digital footprint to mitigate vulnerabilities and reduce cyber risks.  This role will work across multiple Vulnerability, Application, and Protection platforms to ensure multiple protective controls are in place against malicious Threat Actors.

About the role:

• Asset Discovery: Identifies exposed assets (e.g., domains, IPs, cloud services, applications) that could be targeted by attackers.
• Vulnerability Assessment: Conducts regular scans and analyses to detect weaknesses in the external attack surface, such as misconfigurations or unpatched systems.
• Threat Intelligence: Leverages info-sec expertise to interpret threat data and prioritize risks based on potential impact and exploitability.
• Security Monitoring: Continuously tracks changes in the attack surface (e.g., new DNS domains, networks, certificates) to ensure real-time awareness.
• Remediation Support: Collaborates with IT and security teams to recommend and implement fixes for identified exposures.
• Policy Enforcement: Ensures compliance with security standards (e.g., NIST, ISO 27001) and organizational policies for external assets.
• Tool Proficiency: Skilled in VM and EASM platforms (e.g., Censys, Shodan, Qualys) and info-sec tools (e.g., Nessus, Burp Suite, SIEM systems).
• Background Strength: Applies knowledge of network security, threat actor approaches, and incident response to proactively defend against external threats.
• Communication: Translates technical findings into actionable insights for stakeholders, bridging security and business objectives.

About you:

• Bachelor's or Master's degree in computer science, information systems, cyber security or a related field; or equivalent professional experience. 
• CISSP or equivalent certifications and experience.
• 2+ years of experience in vulnerability management.
• Strong understanding of MITRE ATT&CK, kill chain model, and threat actor TTPs.
• Hands-on experience working with VM platforms.
• Strong analytical, problem-solving, and technical writing skills
• Experience with the use and protection of major cloud platforms such as Azure, AWS, and GCP.
• Knowledge of attacker tools and evasion techniques.
• Knowledge of performance metrics, reporting, and risk management 
• A strong moral compass, high integrity, and accountability are vital to be a successful in this role  
• Proficiency in Python, PowerShell, or Bash a plus

Benefits:

We put a lot of thought into our programs to provide you with a benefits package that matters. Whether it is for medical care, taking time off, improving your health or planning for retirement, we've got you covered.

Here's a small snapshot:

• Complimentary preventive health check-up for you & your spouse
• OPD coverage
• Best in class leave plan including paternity & family care leaves
• Counselling sessions to prioritizing mental well-being
• Exclusive discount vouchers on Levi’s products

We are an Equal Opportunity Employer committed to empowering individuals from all walks of life to achieve their professional goals with us, regardless of race, religion, gender, gender identity, pregnancy, disability, sexual orientation, age, national origin, citizenship status, or genetic information. We actively seek and encourage applications from diverse candidates, including those with disabilities, and offer accommodations throughout the selection process upon request.

To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. 

LOCATION

FULL TIME/PART TIME

Current LS&Co Employees, apply via your Workday account.