LastPass is looking for a Vulnerability Assessment Analyst:
As a Trust & Security team member, you will collaborate with security professionals and engineering teams to identify, verify, prioritize, and address vulnerabilities. This joint effort is aimed at enhancing overall security and minimizing potential threats. Additionally, you will contribute to developing a strong vulnerability management program, ensuring the organization's security and compliance standards are upheld.
If you are passionate about complex problem solving and motivated by scale, then this is the role for you!
Who will you work with?
You will be part of our Security Posture and Attack Surface Engineering & Research (SPASER) team. You'll collaborate with Trust & Security teams to enhance our vulnerability management program. You'll focus on daily vulnerability assessments and support critical security functions like threat intelligence and incident response. Working closely with engineering teams, you'll improve our security posture by treating vulnerabilities and suggesting enhancements.
What are some of the exciting challenges you will be working on?
- Regularly assessing the organization's information systems, networks, and applications, using both automated scans and manual methods, across on-premise and cloud-based environments.
- Analyzing vulnerability scan results to pinpoint risks, threats, and potential vulnerabilities.
- Delivering clear, concise reports to key stakeholders, including IT, Platform, and Software Engineering teams.
- Collaborating with the vulnerability treatment team to prioritize and address vulnerabilities based on risk level and potential impact.
- Working closely with incident response and threat intelligence teams to identify and mitigate security risks.
- Offering strategies to mitigate and remediate identified vulnerabilities.
- Validating vulnerability assessment findings, including false positives and false negatives.
- Staying updated on emerging threats and technologies to evolve testing methodologies.
- Supporting improvements to vulnerability management tools for effective detection and fewer false positives.
- Monitoring and tracking vulnerability status and trends.
- Establishing metrics to evaluate vulnerability management effectiveness and find areas for enhancement.
- Building strong partnerships across security and non-security teams to support vulnerability management processes.
What does it take to work at LastPass?
- Previous experience in cybersecurity roles.
- Passion for cybersecurity, particularly in vulnerability management, and a knack for spotting vulnerabilities.
- Hands-on experience with vulnerability management tools, methods, and strategies.
- Familiarity with cloud environments, including cloud-specific security measures and best practices.
- Strong analytical skills and critical thinking ability, always striving for process improvement.
- Self-motivated and able to work independently, but also effective in teamwork.
- Excellent written and verbal communication in English, enabling effective collaboration.
- Positive, can-do attitude and willingness to contribute hands-on to the team.
