Senior Technical Risk Analyst - Vulnerability Management (Information Security)

Full Time
Santa Clara, CA
Areas of Interest: Vulnerability Assessment and Management

Disruptive Technology. Smart People.
Join us as we lead a new era in cybersecurity.

Palo Alto Networks competes for the best talent. Our compensation packages consist of salary and equity, and are commensurate with accomplishment. We offer a full suite of benefits, including 401(K). Equal Employment Opportunity / Affirmative Action Employer.

Palo Alto Networks® is the fastest-growing security company in history.  We offer the chance to be part of an important mission: ending breaches and protecting our way of digital life. If you are a motivated, intelligent, creative, and hardworking individual, then this job is for you!

We are seeking a Sr. Technology Risk Analyst to join our Information Security team. In this role, you will report to the GRC Director and work directly with senior leadership, including the CISO. You will join a team of experienced, out-of-the-box thinkers and create programs that deliver real security results. Your primary focus will be to mature our technical vulnerability management program and processes.


  • Quickly understand complex cloud and internal technology environments/systems infrastructure, architecture and data flows.
  • Contextualize and assess vulnerability results for risk based on understanding of the environment and existing security controls.
  • Design asset categorization/tagging to provide focused reporting from vulnerability scanning systems. Adjust risk scoring standards (normalize CVSS vectors, etc.) to ensure accuracy of risk ratings in vulnerability scan results.
  • Assist with vulnerability remediation management, including managing the vulnerability risk register.
  • Identify and negotiate mitigation strategies with stakeholders to improve configuration and patch management programs.
  • Build and cultivate positive working relationships with internal customers such as Engineering, DevOps, IT, Information Security, etc.
  • Author and update relevant technical standards.
  • Conduct qualitative and quantitative technical risk assessments for company and third-party environments.
  • Contribute to Governance, Risk Management and Compliance programs, as needed.

Basic Qualifications:

  • 5+ years of information technology and/or information security experience
  • 3+ years of security testing experience across complex technology environments (e.g. penetration testing, vulnerability scanning).
  • Experience with vulnerability detection tools (e.g. Nessus, Rapid7, AppScan, WhiteHat)
  • Working knowledge of quantitative vulnerability scoring standards such as CVSS, OCTAVE, etc.
  • Familiar with a broad range of technical concepts: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy.
  • Experience with security best practices and standards (SANS, CIS, PCI).
  • Team-first and positive “can-do” attitude in a fast-paced, high-demand environment.
  • BS/BA degree and/or an equivalent combination of education, certifications (CISSP, CISM, etc.) and work experience.

Learn more about Palo Alto Networks here and check out our fast facts!

If you are a recruiter or placement agency, please do not submit resumes to any person or email address at Palo Alto Networks prior to having a signed agreement from Human Resources. Palo Alto Networks is not liable for and will not pay placement fees for candidates submitted by any agency other than its approved recruitment partners. Furthermore, any resumes sent to us without an agreement in place will be considered your company's gift to Palo Alto Networks and may be forwarded to our recruiters for their attention. Thank you.

Palo Alto Networks

We did it. A Leader Again.
Palo Alto Networks is the next-generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for thousands of organizations worldwide. Built with an innovative approach and highly differentiated cyber threat prevention capabilities, our game-changing security platform delivers security far superior to legacy or point products, safely enables daily business operations, and protects an organization’s most valuable assets.

network security, firewall, IPS, URL filtering, threat and malware prevention, cybersecurity, enterprise security platform, threat intelligence
Company Industry: Computer & Network Security
Company Type: Public Company
Company Size: 1,001-5000