People.ai accelerates enterprise growth through the power of AI. With the industry’s only Revenue Intelligence System, People.ai frees all customer-facing teams, including sales, marketing, and customer success, from manual data entry by automatically capturing all contact and customer activity data, dynamically updating CRM and other systems of record, and providing actionable intelligence across management tools to realize the full selling capacity of the enterprise. Some of the world’s best brands are leveraging People.ai to transform their business, including Lyft, New Relic, Okta, Tanium, and Zoom.

At People.ai, we believe that people enrich the world around them in countless ways. We believe that the more time they spend applying their creativity, resourcefulness and critical thinking to activities that matter most in their professional life, the more effective a professional they become. We’re developing a deep understanding of the professional world, mapping people, companies, and the information that flows between them through natural language processing and machine learning. Our team is a diverse, outspoken group of creatives and critical thinkers, hyper-focused on driving enterprise growth. We embrace different. We applaud non-traditional career paths. We’re inspired by people who have made processes their own.

Trust is the #1 InfoSec value. Are you the type of person that seeks out roadblocks or tough organizational issues and views those as an opportunity? Do you think of creative solutions to complex problems and solve them? Are you interested in driving product and program excellence in an enterprise-scale automated vulnerability assessment environment that collects vulnerability data from hosts across the stack and turns it into meaningful actionable security intelligence? If so Join People.ai!!

People.ai is seeking a passionate cyber security professional who understands the value of identifying and removing threats or vulnerabilities in the environment.

The Vulnerability Research Analyst will be responsible for the day-to-day operation of our security scan tools and making findings actionable. They will ensure optimal implementation of our scan tools and update configurations as the environment changes. In this role, they are responsible for identifying security threats facing the company, from the enterprise, operations, and product development. The analyst will build meaningful relationships with teams in multiple People.ai business units to drive the vulnerability remediation effort. They will participate in the implementation, execution, metrics, and sustainability of program objectives that allow security operations to continuously improve our ability to detect and protect our world-wide footprint from vulnerabilities and threats. The ideal candidate can come from either an enterprise security background or from a product-development/DevSecOps background, and will work to support both.

Responsibilities

Onboard to our Tools
Learn the essential architecture of People.ai for the enterprise and applications.
Learn the fundamentals of any tools that are new to you through vendor resources, contacts, and online training.
Review findings in the security tools, gaining a baseline understanding of where security stands.
Identify gaps as well as areas of redundancy, ensuring there is coverage for Enterprise, Operations and DevOps.

Vulnerability Management Activities
Support our vulnerability management program through technical triage, facilitate prioritization with security expertise and track vulnerability to resolution.
Work with engineering teams to validate detection effectiveness and identify areas for improvement.
Ensure we are implementing best security practices that address the needs of our organization and our customers.

Enhance our Security Coverage
Coordinate with IT, site reliability, and engineering teams to ensure security solutions are implemented appropriately.
Support vendor selection for new tools to enhance security posture or fill gaps in coverage.
Work with stakeholders to tune tools to minimize false positives.

Own an Ongoing Vulnerability Communication Program
Create a standard approach to summarizing vulnerability findings and communicating them to appropriate audiences.
Hold working sessions with teams to ensure they understand the vulnerability findings and provide actionable information.
Assign Jira tickets and manage overall tracking.
Help produce meaningful metrics and reports for leadership on organizational vulnerability health.

Requirements

Thorough understanding of core Information Security principles such as CIA triad, malware, vulnerabilities, exploits, attacks, firewalls, intrusion detection/prevention systems, etc. Even better where understanding is focused on cloud software.
Must have the ability to interpret information security data to identify potential security events.
SME in at least two of the following: Threat and Vulnerability Management, Forensics, Threat Hunting and Red/Purple Teaming, Network/Firewall controls, or Penetration Testing.
Experience with several vulnerability tools such as Tenable, Rapid7, Kenna, Qualys, etc.
Knowledge of log management, SIEM, and/or UEBA (e.g. Splunk, QRadar, LogRhythm, Exabeaml, etc.)
Experience with AWS and endpoint security tools (e.g. Crowdstrike Falcon, AWS Cloudtrail, AWS Shield, etc.
Knowledge of securing\monitoring containerized environments (Kubernetes, Docker, S3).
Strong analytical skills to define risk, identify potential threats, and develop and document action/mitigation plan.
The ideal candidate have the following certifications: Certified Information Systems Security Professional (CISSP) OR Certified Information Security Manager (CISM).
Bachelor’s Degree In Computer Science or related discipline.
3+ years of professional work experience in information security roles.

People.ai stands alone in our ability to harness business activity to unlock growth for our customers. We’ve been awarded 49 patents and have an additional 50+ under review. We’ve also received validation via Gartner’s Hype Cycle for CRM Sales Technology, inclusion in Forrester’s New XX Wave, the Y Combinator Top Companies List, and the Forbes AI 50 list.

Headquartered in Redwood City, CA, People.ai is backed by Y Combinator and Silicon Valley’s top investors, including ICONIQ Capital, Andreessen Horowitz, Lightspeed Venture Partners, Akkadian Ventures, and Mubadala Capital. To learn more, visit us online at: www.people.ai