Appfire is seeking a highly skilled, self-motivated, and dedicated Threat and Vulnerability Management (TVM) Security Analyst to join our Information Security team. In this role, you will be responsible for monitoring, assessing, and mitigating security risks within our organization, while supporting security incident and event management as a part of our SecOps team. You will play a critical role in identifying vulnerabilities, analyzing threats, and implementing robust security measures to safeguard our information systems.
Appfire is a cloud-focused company, so you will be expected to have (preferred) or obtain the necessary skills to identify threats and vulnerabilities in the cloud with providers such as AWS, Azure, and GCP.
You will be expected to engage in professional development to maintain continual growth in professional skills and knowledge essential to the position and thrive in a highly collaborative workplace and actively engage in helping create secure software applications.
Tools and Technologies:
Beyond the resume skills that match our culture and this role:
Appfire is seeking a highly skilled, self-motivated, and dedicated Threat and Vulnerability Management (TVM) Security Analyst to join our Information Security team. In this role, you will be responsible for monitoring, assessing, and mitigating security risks within our organization, while supporting security incident and event management as a part of our SecOps team. You will play a critical role in identifying vulnerabilities, analyzing threats, and implementing robust security measures to safeguard our information systems.
Appfire is a cloud-focused company, so you will be expected to have (preferred) or obtain the necessary skills to identify threats and vulnerabilities in the cloud with providers such as AWS, Azure, and GCP.
You will be expected to engage in professional development to maintain continual growth in professional skills and knowledge essential to the position and thrive in a highly collaborative workplace and actively engage in helping create secure software applications.
,[Threat Management:, Proactively identify, assess, and manage security threats to the organization’s information systems and networks., Develop and implement threat management strategies, including threat hunting, analysis, and response., Leverage threat intelligence sources to understand the evolving threat landscape and to support adjusting defenses accordingly., Collaborate with cross-functional teams to evaluate and mitigate potential threats before they can impact the organization., Ensure effective communication of threat information to relevant stakeholders and provide recommendations for mitigating actions, Vulnerability Assessment:, Conduct regular vulnerability scans on the organization’s IT infrastructure to identify weaknesses., Analyze scan results and security assessments to determine the risk level of identified vulnerabilities., Working cross-functionally, prioritize vulnerabilities based on their potential impact and likelihood of exploitation., Incident Response:, Help develop and executing incident response plans., Support the investigation security events and incidents to determine their cause, impact, and necessary remediation steps., Collaborate with IT and security teams to contain and mitigate threats., Risk Management:, Evaluate and recommend security controls and countermeasures to reduce risk., Help develop security policies, procedures, and standards to ensure consistent protection across the organization., Report on the organization’s security posture, providing insights and recommendations to senior management., Security Awareness and Training:, Contribute to the development and delivery of security awareness and work with teams across the organization to ensure security policies and procedures are understood and followed., Compliance and Governance:, Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, SOC2, GDPR, NIST)., Participate in security audits and assessments to verify compliance and identify areas for improvement Requirements: AWS, Analytical skills, Communication skills, Azure, GCP, CISSP, Cloud security, Cybersecurity principles, problem-solving, Threat Intelligence Platforms, Vulnerability Scanners Tools: Jira. Additionally: Sport subscription, Private healthcare, Lunch card, Small teams, International projects, company equity, Home Office allowance, MyBenefit Platform, English language courses, additional time off each month, Life Insurance, Indefinite Employment contract, Free coffee, Canteen, Free snacks, Free beverages, Free parking, In-house trainings, In-house hack days, No dress code.