Senior Analyst, Vulnerability Management

• Verbal and written English skills at a professional level.
• A bachelor’s degree in computer science or related field.
• Previous experience in information security (3+ years), with a minimum of 1 year in vulnerability management area.
• Knowledge of risk management processes.
• Previous experience with vulnerability assessment tools and techniques, vulnerability data sources, system threats and vulnerabilities.
• Basic understanding of attacker tactics, techniques, and procedures.
• Ability to understand code and configuration as it relates to security vulnerabilities.
• Capability to recognize and categorize types of vulnerabilities.
• Understanding of enterprise-scale infrastructure, technologies, and applications, both on-premises and in the public cloud.
• Strong communication skills.
• Ability to teach, influence, and adapt as new information becomes available.
• Enthusiasm to learn and gain hands-on experience across different security domains.
• Commitment to working as part of team to deliver a significant and measurable impact on security vulnerability risk.

• Knowledge of encryption algorithms, tools and techniques.
• Knowledge of programming language structures and logic.
• Understanding of cybersecurity laws and regulations, models and frameworks.
• Experience with cyber defense and hardening tools and techniques.
• Previous experience in penetration testing tools, principles and practices.

• Analyze technical vulnerabilities to determine the real impact to Morningstar systems. Review security vulnerabilities across a variety of technologies and environments to determine high risk vulnerabilities to business assets.
• Provides technical vulnerability analysis and remediation options.
• Staff the Enterprise-wide vulnerability management program, collaborating with partners to coach and support remediation operations while providing technical guidance and tracking resolution progress.
• Give real, actionable remediation advice above and beyond what the tools and testers provide.
• Create reports related to vulnerability management KPIs.
• Generate detailed security reports and metrics to communicate risk status and remediation progress to key stakeholders.
• Assist with documenting and regularly reviewing relevant processes and procedures.
• Train, mentor and guide junior colleagues.

Start today and shape tomorrow

Join us in our mission to build a more just and sustainable global economy

About us

For more than 25 years, Sustainalytics has focused on delivering high-quality, analytical environmental, social and governance (ESG) research, ratings and data to institutional investors and companies.

Our research is empowering world’s leading institutional investors to identify, understand, and manage risks and opportunities from an ESG perspective.

Our Corporate Solutions unit works with hundreds of companies and their financial intermediaries to help them consider sustainability in policies, practices, and capital projects.

What is ESG?

Environmental, social, and governance (ESG) criteria are a set of standards for a company’s operations that socially conscious investors use to screen potential investments.

Environmental: climate change, waste and pollution, greenhouse gas emissions, deforestation.

Social: human rights, employee relations and diversity, working conditions, health and safety, bribery and corruption, ethics.

Governance: board composition, executive remuneration, succession planning, tax strategy.

*Please note that the items listed above are not complete and represent few examples for each factor.

Benefits

Learning and Development Support - You can benefit from online trainings and resources, job related subscriptions, seminars, and conferences. The company can also offer corporate subscriptions to e-learning platforms such as LinkedIn Learning.

Flexible Schedule – We continue to offer flexible schedule options for our global employees, in accordance with local policies and in agreement with the direct manager.

Sabbatical – Enjoy the time and space to explore and learn away from work for up to 3 weeks, after 4 years of continuous employment with the company.

Extra Days Off for Volunteering for Social Causes- You can benefit annually from 2 paid days off for carrying out volunteer activities.

Supportive Environment & Great People - As our new colleague, we are offering you all the support you need to make you feel more welcomed through our global buddy program to help you with your first steps in Sustainalytics.

We work hard, we celebrate, and we volunteer together. We are a community of like-minded individuals driven by the same passion to make the world a better place.

For more information visit https://www.sustainalytics.com/ and