Cybersecurity Analyst – Cloud & Product Vulnerability
Fortive Corporation (SE), Indiana, PA, United States
Cybersecurity Analyst – Cloud & Product Vulnerability
We are looking for a Cybersecurity Analyst to strengthen our security posture across web applications, cloud environments, embedded systems, and infrastructure. The role will lead vulnerability management, cloud security, endpoint protection, and secure development lifecycle activities. This includes managing vulnerabilities, improving Cloud Security posture, ensuring CrowdStrike coverage, and collaborating across engineering and IT teams to remediate risks.
Additional responsibilities include supporting automation development for security workflows, contributing to third‑party risk management (TPRM) processes, and driving cross‑functional security initiatives across firmware, DevOps, and product engineering.
Responsibilities:
Vulnerability Identification and Management:
Scan, identify, validate, and document vulnerabilities across web applications, cloud platforms, endpoints, and infrastructure.
Prioritize and assist remediation by working closely with engineering, DevOps, IT, and product teams.
Automate vulnerability reporting dashboards and tracking workflows.
Cloud Security (AWS/Azure/GCP):
Assess and monitor cloud resources for misconfigurations, IAM risk, network exposures, and storage security gaps.
Support implementation of cloud‑native security controls and DevSecOps integrations.
Collaborate with cloud and DevOps teams to ensure secure configuration baselines.
Endpoint Security & CrowdStrike Management:
Ensure CrowdStrike Falcon coverage across all managed assets; review, analyze, and triage endpoint alerts; work with IT to ensure master images are securely configured.
Secure Development Lifecycle (SDL):
Support SAST/DAST integrations and review findings with developers; promote secure coding practices and CI/CD pipeline hardening; assist teams in threat modeling.
Security Tooling Coverage:
Ensure all standard security tools are installed and active across devices; validate deployment accuracy.
Asset Inventory Maintenance:
Maintain accurate inventories of applications, domains, infrastructure components, and ownership mappings; support CMDB accuracy.
Monitor and Improve Security Metrics:
Contribute to improving internal security posture metrics, Bitsight score, and related KPIs; ensure vulnerabilities are remediated within SLA timelines.
Security Monitoring and Alert Management:
Review, analyze, and triage alerts from vulnerability scanners, cloud security tools, and endpoint protection systems; Escalate high‑risk findings.
Reporting and Documentation:
Provide regular reports for leadership on vulnerability trends and remediation progress; maintain documentation for tools, workflows, processes, and best practices.
Process Improvement & Automation:
Support continuous improvement of vulnerability management workflows; build automation using Python/JavaScript to enhance efficiency.
Qualifications and Experience:
Strong understanding of system security principles and common vulnerabilities.
Experience with cloud security concepts, IAM, and misconfiguration analysis.
Knowledge of endpoint protection tools, especially CrowdStrike Falcon.
Foundational experience with vulnerability assessment tools.
Experience with DevSecOps, SAST/DAST, and automation frameworks preferred.
Detail‑oriented with strong accountability and documentation skills.
Ability to prioritize tasks and collaborate across teams.
Willingness to learn and grow in advanced security domains.
Education: B.Tech in Cybersecurity, Computer Science, Engineering, or related field OR equivalent work experience.
Equal Opportunity Employer Fortive Corporation and all Fortive Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. We are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at applyassistance@fortive.com.
We are an Equal Opportunity Employer.
#J-18808-Ljbffr
Additional responsibilities include supporting automation development for security workflows, contributing to third‑party risk management (TPRM) processes, and driving cross‑functional security initiatives across firmware, DevOps, and product engineering.
Responsibilities:
Vulnerability Identification and Management:
Scan, identify, validate, and document vulnerabilities across web applications, cloud platforms, endpoints, and infrastructure.
Prioritize and assist remediation by working closely with engineering, DevOps, IT, and product teams.
Automate vulnerability reporting dashboards and tracking workflows.
Cloud Security (AWS/Azure/GCP):
Assess and monitor cloud resources for misconfigurations, IAM risk, network exposures, and storage security gaps.
Support implementation of cloud‑native security controls and DevSecOps integrations.
Collaborate with cloud and DevOps teams to ensure secure configuration baselines.
Endpoint Security & CrowdStrike Management:
Ensure CrowdStrike Falcon coverage across all managed assets; review, analyze, and triage endpoint alerts; work with IT to ensure master images are securely configured.
Secure Development Lifecycle (SDL):
Support SAST/DAST integrations and review findings with developers; promote secure coding practices and CI/CD pipeline hardening; assist teams in threat modeling.
Security Tooling Coverage:
Ensure all standard security tools are installed and active across devices; validate deployment accuracy.
Asset Inventory Maintenance:
Maintain accurate inventories of applications, domains, infrastructure components, and ownership mappings; support CMDB accuracy.
Monitor and Improve Security Metrics:
Contribute to improving internal security posture metrics, Bitsight score, and related KPIs; ensure vulnerabilities are remediated within SLA timelines.
Security Monitoring and Alert Management:
Review, analyze, and triage alerts from vulnerability scanners, cloud security tools, and endpoint protection systems; Escalate high‑risk findings.
Reporting and Documentation:
Provide regular reports for leadership on vulnerability trends and remediation progress; maintain documentation for tools, workflows, processes, and best practices.
Process Improvement & Automation:
Support continuous improvement of vulnerability management workflows; build automation using Python/JavaScript to enhance efficiency.
Qualifications and Experience:
Strong understanding of system security principles and common vulnerabilities.
Experience with cloud security concepts, IAM, and misconfiguration analysis.
Knowledge of endpoint protection tools, especially CrowdStrike Falcon.
Foundational experience with vulnerability assessment tools.
Experience with DevSecOps, SAST/DAST, and automation frameworks preferred.
Detail‑oriented with strong accountability and documentation skills.
Ability to prioritize tasks and collaborate across teams.
Willingness to learn and grow in advanced security domains.
Education: B.Tech in Cybersecurity, Computer Science, Engineering, or related field OR equivalent work experience.
Equal Opportunity Employer Fortive Corporation and all Fortive Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. We are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at applyassistance@fortive.com.
We are an Equal Opportunity Employer.
#J-18808-Ljbffr