It Risk Management Analyst
Alienvault
Austin, Texas Area
Managing over vulnerability disclosure program to ensure responsible handling, remediation, and disclosure of vulnerabilities in Alienvault public domains and product. Part of a team of 4 security personal to establish HIPAA, PCI-DSS 3.2, SOC2 (Type 1 & 2), ISO 27001 and GDPR compliance of Alienvault USM Anywhere and Central products. Solely responsible of inventory control, follow ups of log anomalies, vulnerability management process, public relations of hacker and security researcher community via Twitter and HackerOne, auditing various controls and documents and setting rules and configs in Alienvault USM Anywhere. Organize penetration and segmentation testing per compliance requirements, along with managing the findings and retesting after remediation. Along with helping developers improve the product from a security analyst point of view. Helping our training team with proper content to train students as security analyst using our products. Am also a contributor to the network security team as a reference point and help with resources to allow them to succeed in their operations in PenTesting, log analysis, and vulnerability testing.