Veza
Senior Analyst, Threat Management
Veza, Redwood City, California, United States, 94061
Veza Veza is the identity security company that enables organizations to understand, manage and control who can and should take what action on what data. The Senior Analyst, Threat Management will play a crucial role in proactively identifying and mitigating potential security and access configuration issues across all platforms and systems integrated with Veza. This position requires a detail-oriented and analytical individual with a strong background in threat intelligence and vulnerability management. The role will report into the Security & Trust Office and will be instrumental in enhancing Veza's security posture and product offerings.Location:
RemoteCore Roles and Responsibilities:Monitor and analyze the threat landscape for emerging vulnerabilities, exploits, and attack vectors relevant to Veza's integrated platforms and systems.Conduct regular vulnerability assessments and penetration testing on Veza's products and integrated systems.Develop and maintain a comprehensive database of known vulnerabilities and potential security issues specific to identity and access management systems.Proactive Security Enhancement:Collaborate with product and engineering teams to integrate security checks and alerts into the Veza platform based on identified threats and vulnerabilities.Develop and implement processes for continuous monitoring and assessment of security configurations across integrated platforms.Create and maintain documentation on best practices for secure configuration of integrated systems.Risk Analysis and Reporting:Perform in-depth risk analyses of identified vulnerabilities and their potential impact on Veza and its customers.Prepare detailed reports and recommendations for addressing security issues and improving overall security posture.Develop and maintain security metrics and key performance indicators (KPIs) to track the effectiveness of threat management efforts.Cross-functional Collaboration:Work closely with the Product Security team to ensure that identified vulnerabilities are addressed in Veza's product development lifecycle.Collaborate with Customer Success and Support teams to provide expert guidance on security-related inquiries and concerns.Contribute to the development of security awareness training materials and customer-facing security documentation.Stay current with the latest trends, technologies, and best practices in threat intelligence and vulnerability management.Participate in relevant industry forums, conferences, and working groups to expand knowledge and network.Contribute to the ongoing improvement of Veza's threat management processes and methodologies.Requirements:Bachelor's degree in Computer Science, Cybersecurity, or a related field; Master's degree preferred.Minimum of 5 years of experience in information security, with a focus on threat intelligence and vulnerability management.Strong understanding of identity and access management systems, cloud security, and data protection principles.Proficiency in using various security tools and technologies for vulnerability assessment and threat analysis.Experience with security information and event management (SIEM) systems and log analysis.Excellent analytical and problem-solving skills with attention to detail.Strong written and verbal communication skills, with the ability to explain complex security concepts to various audiences.Relevant certifications such as CEH, OSCP, GIAC, or equivalent are highly desirable.Familiarity with compliance frameworks such as SOC2, ISO27001, and GDPR is a plus.Our CultureWe’re driven to build a strong company culture and are looking for individuals with solid alignment with the following:Pre-tax health care, dependent care, and commuter benefits (FSA)Flexible medical, dental, and vision benefitsParental leaveFlexible Time OffMonthly Connectivity StipendAt Veza, your base pay is one part of your total compensation package. For this position, the reasonably expected pay range can be discussed with your recruiter for the level at which this job has been scoped. Your base pay will depend on several factors, including your experience, qualifications, education, location, and skills. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for equity and a competitive benefits package.Veza is proud to be an equal opportunity employer. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or other applicable legally protected characteristics. We also consider qualified applicants according to applicable federal, state, and local laws. If a candidate with a disability requires an accommodation during the recruitment process, please email
recruiting@veza.com .About VezaVeza is the identity security company. Identity and security teams use Veza to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Veza solves the blind spots of traditional identity tools with its unique ability to ingest and organize permissions metadata in the Veza Authorization Graph. Global enterprises like Blackstone, Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations. Founded in 2020, Veza is headquartered in Redwood City, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.
#J-18808-Ljbffr
RemoteCore Roles and Responsibilities:Monitor and analyze the threat landscape for emerging vulnerabilities, exploits, and attack vectors relevant to Veza's integrated platforms and systems.Conduct regular vulnerability assessments and penetration testing on Veza's products and integrated systems.Develop and maintain a comprehensive database of known vulnerabilities and potential security issues specific to identity and access management systems.Proactive Security Enhancement:Collaborate with product and engineering teams to integrate security checks and alerts into the Veza platform based on identified threats and vulnerabilities.Develop and implement processes for continuous monitoring and assessment of security configurations across integrated platforms.Create and maintain documentation on best practices for secure configuration of integrated systems.Risk Analysis and Reporting:Perform in-depth risk analyses of identified vulnerabilities and their potential impact on Veza and its customers.Prepare detailed reports and recommendations for addressing security issues and improving overall security posture.Develop and maintain security metrics and key performance indicators (KPIs) to track the effectiveness of threat management efforts.Cross-functional Collaboration:Work closely with the Product Security team to ensure that identified vulnerabilities are addressed in Veza's product development lifecycle.Collaborate with Customer Success and Support teams to provide expert guidance on security-related inquiries and concerns.Contribute to the development of security awareness training materials and customer-facing security documentation.Stay current with the latest trends, technologies, and best practices in threat intelligence and vulnerability management.Participate in relevant industry forums, conferences, and working groups to expand knowledge and network.Contribute to the ongoing improvement of Veza's threat management processes and methodologies.Requirements:Bachelor's degree in Computer Science, Cybersecurity, or a related field; Master's degree preferred.Minimum of 5 years of experience in information security, with a focus on threat intelligence and vulnerability management.Strong understanding of identity and access management systems, cloud security, and data protection principles.Proficiency in using various security tools and technologies for vulnerability assessment and threat analysis.Experience with security information and event management (SIEM) systems and log analysis.Excellent analytical and problem-solving skills with attention to detail.Strong written and verbal communication skills, with the ability to explain complex security concepts to various audiences.Relevant certifications such as CEH, OSCP, GIAC, or equivalent are highly desirable.Familiarity with compliance frameworks such as SOC2, ISO27001, and GDPR is a plus.Our CultureWe’re driven to build a strong company culture and are looking for individuals with solid alignment with the following:Pre-tax health care, dependent care, and commuter benefits (FSA)Flexible medical, dental, and vision benefitsParental leaveFlexible Time OffMonthly Connectivity StipendAt Veza, your base pay is one part of your total compensation package. For this position, the reasonably expected pay range can be discussed with your recruiter for the level at which this job has been scoped. Your base pay will depend on several factors, including your experience, qualifications, education, location, and skills. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for equity and a competitive benefits package.Veza is proud to be an equal opportunity employer. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or other applicable legally protected characteristics. We also consider qualified applicants according to applicable federal, state, and local laws. If a candidate with a disability requires an accommodation during the recruitment process, please email
recruiting@veza.com .About VezaVeza is the identity security company. Identity and security teams use Veza to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Veza solves the blind spots of traditional identity tools with its unique ability to ingest and organize permissions metadata in the Veza Authorization Graph. Global enterprises like Blackstone, Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations. Founded in 2020, Veza is headquartered in Redwood City, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.
#J-18808-Ljbffr