Vulnerability Management Engineer
15 days ago
Job Title:Vulnerability Management Engineer
Activision Blizzard plays a centralized role in the creation of epic entertainment by supporting our interactive gaming brands and studios with a diverse range of career opportunities across corporate functions such as Marketing, Communications, Legal, Human Resources, Finance and Supply Chain. Located in our global headquarters in Santa Monica, we encompass equal parts agility, creativity and rigor to enhance the employee and player experience. To learn more, check us out at www.activisionblizzard.com or on Twitter at @ATVI_AB.
Activision, the publisher of the hit Call of Duty franchise, is looking for a passionate security analyst to join our Activision Blizzard King (ABK) Security Vulnerability Management team. If you are an avid gamer with a vulnerability management background, come be a part of our team. The Vulnerability Management team is supporting all our business partner teams to identify vulnerabilities affecting any of the assets of the organization. You will work closely with the rest of the Vulnerability Management team for coordinating communications for incoming new vulnerabilities, detecting, triaging, prioritizing, reporting and helping to patch vulnerabilities affecting any of the resources inside the business.
You will also be responsible for building and maintaining metrics and KPIs for vulnerability management, that include scan coverage or compliance against our defined SLAs. The entire team is also involved in cooperation with any other teams to help patch and prevent vulnerabilities.
This role reports into the Director, Offensive Operations and maintains good relationships with all line-of-business technology groups. You will work closely with several key individuals and teams and will be part of a dedicated team of security engineers who demonstrate superb technical competency, contributing to make our infrastructure as secure as possible. Qualified candidates will have a background in IT, computer, security systems analysis and engineering.
Priorities can often change in a fast-paced environment like ours, so this role includes, but is not limited to, the following responsibilities:
- Reviewing any recent vulnerabilities made public to ensure we address them appropriately, and coordinate efforts between multiple teams to address them in a timely manner
- Become the main point of contact for inquiries about vulnerabilities and vulnerability-related tickets
- Providing the teams with any sort of help regarding vulnerabilities, this being risk evaluation, patching, etc.
- Prepare security related assessment reports with clearly documented findings and recommendations
- Ensure that the all our assets are being consistently scanned
- Identify gaps in our current processes, workflows and design architectures and recommend changes or enhancements as needed
- Work with other teams to drive new projects
- Act as an advocate for security and the team in all tasks and engagements, not just vulnerability management specific
- Organized and structure approach, to help the team coordinate efforts and to build playbooks that will be leading our actions
- Solid ability to understand vulnerability ratings, criticality and impact
- Solid understanding of vulnerability management processes.
- Experience hardening clients, servers and networks services
- Deep knowledge about vulnerabilities, impact and risk associated with them
- Excellent knowledge of cloud security best practices and solutions in cloud security posture management.
- Experience in Cloud Services like Google Cloud, AWS, Azure
- Experience defining Identity and Access Management frameworks
- Experience with network technologies, security, and monitoring tools
- Hands-on experience with log collection, normalizing, and management; security infrastructure and policies; and risk mitigation
- Thorough understanding of the latest security principles, techniques, and protocols
- Ability to problem solve independently and collaborate as a team to solve complex problems in support of the team’s mission
- Demonstrable experience in installing, configuring, and troubleshooting Microsoft Windows and/or UNIX/Linux based environments
- Knowledge of industry best practices for foundational security elements including network devices and system-level hardening
- Proven work experience as a system engineer or information security engineer
- Detailed technical knowledge of operating systems and security
- Knowledge of containerization software: Docker, Kubernetes
- Knowledge of shell scripting, Python, Perl
- Knowledge of Security Orchestration Automation and Response (SOAR) products.
**Irvine/Southern California is preferred but remote may be considered**
Activision Blizzard, Inc. (NASDAQ: ATVI), is one of the world's largest and most successful interactive entertainment companies and is at the intersection of media, technology and entertainment. We are home to some of the most beloved entertainment franchises including Call of Duty®, World of Warcraft®, Overwatch®, Diablo®, Candy Crush™ and Bubble Witch™. Our combined entertainment network delights hundreds of millions of monthly active users in 196 countries, making us the largest gaming network on the planet!
Our ability to build immersive and innovative worlds is only enhanced by diverse teams working in an inclusive environment. We aspire to have a culture where everyone can thrive in order to connect and engage the world through epic entertainment. We provide a suite of benefits that promote physical, emotional and financial well-being for ‘Every World’ - we’ve got our employees covered!
The videogame industry and therefore our business is fast-paced and will continue to evolve. As such, the duties and responsibilities of this role may be changed as directed by the Company at any time to promote and support our business and relationships with industry partners.
Activision is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law and will not be discriminated against on the basis of disability.
Create Your Profile — Game companies can contact you with their relevant job openings.