Threat Governance - Engineer I
FICO (NYSE: FICO)is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!
The Opportunity
“This role will be working on Cloud security issues and the Vulnerability findings on FICO assets which includes user computers, data center systems and Cloud. This position will work with key stakeholders to understand threats unique to each business unit or application. This position will collaborate with technology, security, development and product management groups across the corporation to drive successful execution of the Threat governance Portifolio to ensure an appropriate proactive enterprise security posture. A solid understanding of OS’s, IP networks, and database and application functionality are critical. This position should be able to participate in technical discussions with IT personnel and have the ability to quickly understand the FICO Technology environment, including network, OS and key applications.” – Software Engineering-Director.
What You’ll Contribute
Collaborate with FICO Cyber Security Team, Business and IT partners, and clients.
Act as an internal subject matter expert with respect to Vulnerability and Compliance scanning and reporting. Implement new and iterate on existing technology to help identify and mitigate security issues.
Validate and triage identified Threats.
Contribute to team strategy in managing threats and vulnerabilities.
Develop, evangelize, and iterate on threat & vulnerability management practices.
Conducting required tasks for the vulnerability scanning program and publishing reported vulnerabilities to impacted teams for remediation.
Triage and risk rank vulnerabilities according to severity and exposure. Work with Product and IT teams to risk rank and patch vulnerabilities related to the technology stack. Develop remediation plans for vulnerabilities.
Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.
Continuous review of configuration management and vulnerability management posture inside the company and knowledge of all external developments that could bring new risks, including vendor patches, zero-day exploits, end-of-life systems or deprecated services.
Strong thought process to enhance the current capabilities of Cloud asset management , Cloud vulnerability management & cloud patch management
Create reports to the stake holders for effective remediation and metrics for leadership.
What We’re Seeking
Security+, CEH or another similar info security/IT certification is desired.
2-4 years of Experience with Wiz, Qualys or other Cloud Security and Vulnerability scanning technology required.
Demonstrates subject-matter expert level understanding in multiple IT, Security and Software disciplines.
Ability to understand the cause and effect of application vulnerabilities with Operating System Vulnerabilities.
Must be able to multi-task and keep track of large amounts of information across disparate systems.
Ability to keep making progress and define future strategy/policy with regards to Vulnerability Management.
Adherent to ‘continuous monitoring’ and ‘continuous improvement’ thought process.
Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred).
Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture.
knowledge on any scripting language is nice to have (python, Java, Shell, Bash)
Moderate documentation and analytical skills; documenting processes, policies and standards
knowledge of current threat landscape is a good to have.
Our Offer to You
An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.
Why Make a Move to FICO?
At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today – Big Data analytics. You’ll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more.
FICO makes a real difference in the way businesses operate worldwide:
• Credit Scoring — FICO® Scores are used by 90 of the top 100 US lenders.
• Fraud Detection and Security — 4 billion payment cards globally are protected by FICO fraud systems.
• Lending — 3/4 of US mortgages are approved using the FICO Score.
Global trends toward digital transformation have created tremendous demand for FICO’s solutions, placing us among the world’s top 100 software companies by revenue. We help many of the world’s largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people – just like you – who thrive on the collaboration and innovation that’s nurtured by a diverse and inclusive environment. We’ll provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks!
Learn more about how you can fulfil your potential at www.fico.com/Careers
FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and we’re proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they don’t meet all stated qualifications. While our qualifications are clearly related to role success, each candidate’s profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply.
Information submitted with your application is subject to the FICO Privacy policy at https://www.fico.com/en/privacy-policy
About the job
Apply for this position
Threat Governance - Engineer I
FICO (NYSE: FICO)is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!
The Opportunity
“This role will be working on Cloud security issues and the Vulnerability findings on FICO assets which includes user computers, data center systems and Cloud. This position will work with key stakeholders to understand threats unique to each business unit or application. This position will collaborate with technology, security, development and product management groups across the corporation to drive successful execution of the Threat governance Portifolio to ensure an appropriate proactive enterprise security posture. A solid understanding of OS’s, IP networks, and database and application functionality are critical. This position should be able to participate in technical discussions with IT personnel and have the ability to quickly understand the FICO Technology environment, including network, OS and key applications.” – Software Engineering-Director.
What You’ll Contribute
Collaborate with FICO Cyber Security Team, Business and IT partners, and clients.
Act as an internal subject matter expert with respect to Vulnerability and Compliance scanning and reporting. Implement new and iterate on existing technology to help identify and mitigate security issues.
Validate and triage identified Threats.
Contribute to team strategy in managing threats and vulnerabilities.
Develop, evangelize, and iterate on threat & vulnerability management practices.
Conducting required tasks for the vulnerability scanning program and publishing reported vulnerabilities to impacted teams for remediation.
Triage and risk rank vulnerabilities according to severity and exposure. Work with Product and IT teams to risk rank and patch vulnerabilities related to the technology stack. Develop remediation plans for vulnerabilities.
Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.
Continuous review of configuration management and vulnerability management posture inside the company and knowledge of all external developments that could bring new risks, including vendor patches, zero-day exploits, end-of-life systems or deprecated services.
Strong thought process to enhance the current capabilities of Cloud asset management , Cloud vulnerability management & cloud patch management
Create reports to the stake holders for effective remediation and metrics for leadership.
What We’re Seeking
Security+, CEH or another similar info security/IT certification is desired.
2-4 years of Experience with Wiz, Qualys or other Cloud Security and Vulnerability scanning technology required.
Demonstrates subject-matter expert level understanding in multiple IT, Security and Software disciplines.
Ability to understand the cause and effect of application vulnerabilities with Operating System Vulnerabilities.
Must be able to multi-task and keep track of large amounts of information across disparate systems.
Ability to keep making progress and define future strategy/policy with regards to Vulnerability Management.
Adherent to ‘continuous monitoring’ and ‘continuous improvement’ thought process.
Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred).
Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture.
knowledge on any scripting language is nice to have (python, Java, Shell, Bash)
Moderate documentation and analytical skills; documenting processes, policies and standards
knowledge of current threat landscape is a good to have.
Our Offer to You
An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.
Why Make a Move to FICO?
At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today – Big Data analytics. You’ll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more.
FICO makes a real difference in the way businesses operate worldwide:
• Credit Scoring — FICO® Scores are used by 90 of the top 100 US lenders.
• Fraud Detection and Security — 4 billion payment cards globally are protected by FICO fraud systems.
• Lending — 3/4 of US mortgages are approved using the FICO Score.
Global trends toward digital transformation have created tremendous demand for FICO’s solutions, placing us among the world’s top 100 software companies by revenue. We help many of the world’s largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people – just like you – who thrive on the collaboration and innovation that’s nurtured by a diverse and inclusive environment. We’ll provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks!
Learn more about how you can fulfil your potential at www.fico.com/Careers
FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and we’re proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they don’t meet all stated qualifications. While our qualifications are clearly related to role success, each candidate’s profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply.
Information submitted with your application is subject to the FICO Privacy policy at https://www.fico.com/en/privacy-policy