#170341

Product Threat & Vulnerability Analyst

Location:
London
util.job.terms:
Temporary
Salary:
£21.03-25.86 per hour(£53K Prorata PAYE)
Start date:
23/08/2021
Posted By:
Shivika Upadhyay
Date:
07/16/2021
Duration:
12 months

Job Description:

Position Description :

  • In this role, the candidate will be responsible for supporting a small team (Abuse Bug Bounty) in identifying threats and vulnerabilities to brand’s products and users before they become significant issues.
  • We help discover and mitigate threats to our products that, if undetected, could harm products, users, and brand. We’re focused on proactively identifying and surfacing abusive tactics, content, processes, and product features that contribute to system vulnerabilities, poor user experiences, and/or risk for the company.
  • This requires thinking creatively to develop and conduct tests focusing on user safety, simulating abuse attacks, mapping real user experiences, analyzing and identifying root-causes, and communicating findings in a concise but detailed way. This also requires more advanced technical skills, an analytic and curious mind, excellent and professional communication skills, and a positive attitude to every task.

In this role, a candidate will:

  • Act as the intermediary between brand’s Security Research community and internal Engineering Product teams.
  • Assess and reproduce incoming vulnerability reports with regards to impact and probability of each proposed attack scenario against our abuse ’s threat model.
  • Translate vulnerabilities into realistic and understandable risk, while providing remediation advice.
  • Communicate clearly and efficiently with VRP researchers as well as internal Engineering Product teams.

Skill/Experience/Education

Mandatory

  • Bachelor's degree in Computer Science, Computer Security or Engineering, or equivalent practical experience.
  • Two years of experience: communicating vulnerabilities and threats to technical and non-technical customers, threat modeling and/or in application-level vulnerability and/or penetration testing and exposing vulnerabilities in software products.
  • Excellent communication skills and ability to respond with empathy to both technical vulnerabilities as well as non-issues.
  • Experience in risk management and ability to prioritize in dynamic work environment Programming experience in Python, C/C++, Java, or Go.
  • Ability to speak and write English fluently and idiomatically, any other language is a plus.

Desired

  • It would be great to have someone with a Certified Ethical Hacker (CEH) or similar industry certification.
  • Additionally, having someone with a demonstrated expertise with malware analysis or cloud would be useful.

Interested?

Please can you apply with your CV/Portfolio for consideration. Next steps will be shared with shortlisted candidates asap!

 

Client Description:

Our Client is a multinational technology company, specialising in Internet-related services and products; including online advertising technologies, search engine, cloud computing, software, and hardware. The atmosphere is relaxed with a diverse and innovative culture. Opportunities for growth and progression and networking with like-minded people across the business and beyond.

 

We want to make a world of difference, so it matters to us that we hire differently. Aquent is dedicated to improving inclusivity and is proudly an equal opportunities employer.