CASY-MSCCN Jobs

LiveRamp is the data collaboration platform of choice for the world’s most innovative companies. A groundbreaking leader in consumer privacy, data ethics, and foundational identity, LiveRamp is setting the new standard for building a connected customer view with unmatched clarity and context while protecting precious brand and consumer trust. LiveRamp offers complete flexibility to collaborate wherever data lives to support the widest range of data collaboration use cases—within organizations, between brands, and across its premier global network of top-quality partners.

Hundreds of global innovators, from iconic consumer brands and tech giants to banks, retailers, and healthcare leaders turn to LiveRamp to build enduring brand and business value by deepening customer engagement and loyalty, activating new partnerships, and maximizing the value of their first-party data while staying on the forefront of rapidly evolving compliance and privacy requirements.

You will:

• Analyze and validate vulnerability scanning results for open-source software vulnerabilities

• Provide remediation recommendations for open and closed-source vulnerabilities identified by code scanning tools

• Deep understanding of the software development lifecycle and where security by design is incorporated

• Provide consultation and remediation guidance to Software Development and Information Technology (IT) teams

• Develop, enhance, or maintain various vulnerability management services, including but not limited to vulnerability scanning, application, and infrastructure security assessments

• Coordinate penetration test and red teaming exercises with third-party compliance partners when necessary

• Participate in the penetration testing of Web Applications and APIs when necessary

• Analyze and validate security assessment findings leveraging different tools (i.e., Burp Suite)

• Configure and manage tools for the proactive identification of vulnerabilities (i.e., ZAP, BurpSuite)

• Assist with the deployment and maturity of vulnerability management tools, including all related process documentation

• Using a service management platform, manage the tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and Service Level Agreements (SLAs) with responsible technology owners and support teams

• Configure and provide system administration support for vulnerability scanning technologies

• Develop and enhance custom scripts to help automate vulnerability assessment processes (e.g., vulnerability scanning and reporting)

• Leverage cyber threat intelligence and the exploit prediction scoring system (EPSS) to organize communications and remediations

• Generate reports and provide recommendations for vulnerability metrics and other operational and Executive data points when necessary

About you:

• Bachelor's degree in Cyber Security, Computer or Software Engineering, Computer Science, Security Engineering, Information Management, Information Science, or equivalent technical work experience

• 4+ years of experience working in information security or information technology roles

• Baseline to intermediate experience with software development

• Experience with multiple development languages, including Terraform, Python, and JavaScript

• In-depth knowledge of OWASP top10 (Web Application and API) and the OWASP Application Security Verification Standard

• Intermediate understanding of SecDevOps/DevSecOps and CI/CD

• Hand-on experience with Static and Dynamic application security testing

• Familiarity with vulnerabilities that affect third-party libraries and open-source dependencies

• Mid-level experience with cloud infrastructure, including but not limited to account and project structure, Virtual Machines, containers, Kubernetes, and serverless architectures

• Experience with enterprise vulnerability scanning solutions

• Demonstrated ability to interact with business and technical audiences across all levels of an organization

• In-depth knowledge of common internet protocols (e.g., DNS, HTTPS, TLS)

• Basic understanding of networking concepts and protocols

• Strong time management skills and experience handling multiple initiatives with competing priorities

• Self-starter with strong analytical and technical skills

Bonus Points:

• Experience with Cloud Infrastructures

• Experience performing security testing activities (e.g., web application security assessments (WASA), penetration testing, red teaming)

• Experience with code vulnerability scanning

• Knowledge of Cloud Posture Management tooling

• Knowledge of collecting or consuming cyber threat intelligence

• Experience with bug bounty or crowd-sourced ethical hacking platforms

More about us:

LiveRampers are empowered to live our values of committing to shared goals and operational excellence. Connecting LiveRampers to new ideas and to one another is one of our guiding principles—one that informs how we hire, train, and grow our global teams across nine countries and four continents. By continually building inclusive, high belonging teams, LiveRampers can deliver exceptional work, champion innovative ideas, and be their best selves. Click here (https://liveramp.com/about/diversity-inclusion-belonging/) to learn more about Diversity, Inclusion, & Belonging (DIB) at LiveRamp.

For All NYC POSTINGS & SF POSTINGS

The approximate annual compensation range is $116,000.00 to $144,000.00. The actual offer, reflecting the total compensation package and benefits, will be determined by a number of factors including the applicant's experience, knowledge, skills, and abilities, geography, as well as internal equity among our team.

LiveRamp is an affirmative action and equal opportunity employer (AA/EOE/W/M/Vet/Disabled) and does not discriminate in recruiting, hiring, training, promotion or other employment of associates or the awarding of subcontracts because of a person's race, color, sex, age, religion, national origin, protected veteran, disability, sexual orientation, gender identity, genetics or other protected status. Qualified applicants with arrest and conviction records will be considered for the position in accordance with the San Francisco Fair Chance Ordinance.

California residents: Please see our California Personnel Privacy Policy (https://liveramp.com/privacy/california-personnel-privacy-policy/) for more information regarding how we collect, use, and disclose the personal information you provide during the job application process.

To all recruitment agencies: LiveRamp does not accept agency resumes. Please do not forward resumes to our jobs alias, LiveRamp employees or any other company location. LiveRamp is not responsible for any fees related to unsolicited resumes.

#LI-Remote

More about us:

LiveRamp’s mission is to connect data in ways that matter, and doing so starts with our people. We know that inspired teams enlist people from a blend of backgrounds and experiences. And we know that individuals do their best when they not only bring their full selves to work but feel like they truly belong. Connecting LiveRampers to new ideas and one another is one of our guiding principles—one that informs how we hire, train, and grow our global team across nine countries and four continents. Click here (https://liveramp.com/diversity-inclusion-belonging/) to learn more about Diversity, Inclusion, & Belonging (DIB) at LiveRamp.

We are proud to be an equal employment opportunity and affirmative action employer. We believe in diversity and do not discriminate based on race, color, religion, sex, age, national origin, veteran status, sexual orientation, gender identity, disability, or any other basis of discrimination prohibited by law.