Posted on August 16, 2024.

Cyber Security Consultant

Remote  Contract  Mid-Senior level

About the job

One of Millenilink’s clients is hiring an Attack Surface Reduction Analyst to play a critical role in enhancing the client organization’s cybersecurity posture by identifying, assessing, and mitigating vulnerabilities and threats across their digital environment. This role involves a combination of strategic analysis, hands-on implementation, and collaboration with various teams to reduce our attack surface and improve our overall security resilience.

The primary tool used to do this work is the BitSight portal; therefore, a BitSight portal subject matter expert is required. On a secondary basis, they will also use Microsoft Defender – External Attack Surface Management (EASM) as well as Defender for Cloud.

Deliverables will look as follows:

BitSight

  • Document all Attack Surface Analytics Severe and Material exposures

  • Document all Critical and High vulnerability detections last seen within one month

  • Connect client and external Azure tenancies for analysis of publicly facing resources

  • Remove any infrastructure assets no longer associated with the client

  • Add any excluded infrastructure assets to the respective organization

Defender EASM

  • Populate Discovery Group seeds with the following:

      • Public IP addresses assigned to Azure VMs

      • Publicly accessible Azure web app URLs

      • Azure DNS zones

      • Publicly accessible OpenAI resources

      • Public IP addresses listed in BitSight Attack Surface Analytics Severe and Material exposures

      • Public IP addresses listed in BitSight Critical and High vulnerability detections

      • Public IP addresses listed in penetration test findings

Attack Surface Reduction Analyst

  • Resolve all BitSight Attack Surface Analytics Severe and Material exposures

  • Resolve all BitSight Critical and High vulnerability detections last seen within one month

  • Resolve all Critical and High penetration test findings

  • Resolve all Defender EASM High priority observations

  • Map all Public IP addresses to internal asset/hostname, if possible

  • Assist with BitSight and Defender EASM management and configuration

Specific areas of responsibility may fall into any one of the following areas of Attack Surface Reduction:

Vulnerability Assessment: Conduct thorough assessments to identify potential vulnerabilities and weaknesses in systems, applications, and networks.

Attack Surface Analysis: Analyze and map out the organization’s attack surface, including endpoints, network components, applications, and cloud environments, to identify areas of risk.

Mitigation Strategies: Develop and implement strategies and controls to reduce attack vectors and minimize potential entry points for malicious activities.

Risk Evaluation: Continuously evaluate emerging threats and vulnerabilities and assess their impact on the client's attack surface.

Incident Response Support: Collaborate with the Incident Response team to address and resolve security incidents related to identified vulnerabilities or attack vectors.

Collaboration: Work closely with I&O, Risk, SOC, SecDevOps, and other relevant teams to integrate security practices into the development and deployment processes.

Security Tools: Utilize and configure security tools and technologies for vulnerability scanning, threat intelligence, and attack surface monitoring.

Documentation & Reporting: Maintain detailed documentation of vulnerabilities, risk assessments, and mitigation actions. Prepare and present reports to stakeholders on security posture and risk status.

Continuous Improvement: Stay current with industry trends, threat intelligence, and emerging technologies to continually enhance our attack surface reduction strategies.

Incident Response – Microsoft Defender – Mitigation Strategies – Risk Assessment – Security Information and Event Management (SIEM) – Vectors – Vulnerability – Vulnerability Assessment and Penetration Testing (VAPT) – Vulnerability Management – Vulnerability Scanning