Success Starts Here

As a leading global supplier of wafer fabrication equipment and services to the semiconductor industry, Lam Research develops innovative solutions that help our customers build smaller, faster, and more power-efficient devices.

We are a company comprised of people who work hard, deliver outstanding results and maintain a sense of humor during even the most challenging times. Our success results from our employees' diverse technical and business expertise, which fuels close collaboration and ongoing innovation. We know that our dynamic, global team of exceptional employees is essential to our continued growth.

Join the Lam Research team, where you can play a vital role in the future of electronics and write your own success story.

Information Security Risk Analyst - VM

Date:  May 25, 2023

Bangalore, KA, IN, 560071

Req ID:  178306

Job Responsibilities

Lam Research is looking for an Information Security Risk Analyst to join our growing team. The Risk Analyst is responsible for performing services and activities to support the Information Security programs. This role will focus on vulnerability management. The ideal candidate will have proven experience with vulnerability scanning and management, systems (i.e., Qualys, Nessus, OpenVAS, Kenna, Rapid7, Defender etc.). The candidate must possess good understanding of tools, techniques and procedures that modern attackers use and have required understanding of security frameworks and methodologies such as OWASP 10, SANS TOP 25, MITRE ATT&CK. This role requires the ability to work with teams across different time zones, including India, Japan, and the USA. As a Risk Analyst, you will play a crucial role in ensuring information security compliance, mitigating risks, and driving overall security excellence within the organization.

  • Execute cyber security Vulnerability Management program to assess the security posture and compliance of IT services and assets. Be part of the team to implement the vulnerability management activities, which may include vulnerability scanning, security patch management, security testing and compliance checks.
  • Work in collaboration with Infrastructure and Application teams to assess security patches in response to security advisories. Monitor the patch level of Infrastructure and Applications, assess the risks and report overdue patches for management attention.
  • Carry out vulnerability assessment (perform scans), penetration tests, and other types of security assessments of Infrastructure and Applications to proactively identify risks for mitigation.
  • Interpret security tools and penetration testing results to stakeholders and provide advice on vulnerability remediation and risk mitigation.
  • Lead regular meetings with business stakeholders to ensure remediation efforts adhere to corporate standards and policies.
  • Provides analysis/validation of remediation actions taken, opportunities for improvement, and out of the box thinking for optimizations and solving roadblocks.

Other Job Responsibilities

  • Perform security baseline compliance scanning on existing IT infrastructure assets using automated tools to validate security configurations settings.
  • Research and develop security baselines for IT software and technology platforms.
  • Coordinate and perform regular review of Firewall Rules and ACLs to remove obsolete, redundant, and risky rules.
  • Provide trend analysis and reporting of security metrics and KRI related to security posture and vulnerability management to management.
  • Work in partnership with colleagues in the global Cyber Security teams in the regional offices of the USA, Japan and India to share knowledge, support regional/global initiatives and best practices on cyber security.
  • Work with Information Security and Information Technology teams to build & maintain controls to manage varied cyber risks.
  • Create relevant documentation and metrics to your stakeholders and business leaders and deliver these in a clear, concise manner.
  • Ability to build and manage a small team.
  • Interface with other Infosec sub-organizations such as Governance, Risk, and Threat Intelligence to report on program status and coordinate risk tracking.
  • Maintain and compose operational process documentation regarding program execution.

Minimum Qualifications

  • Bachelor’s degree in computer science, Information Technology, Cyber Security, or related discipline
  • 7+ years of Cybersecurity experience with a concentration in vulnerability management
  • Understanding of a variety of technical concepts such as Networking, systems administration, application development, and information security practices
  • Hands-on experience with scanning tools such as Microsoft Defender, Tenable, Rapid7 and Qualys and their configurations
  • Certified in one of the security certifications like CEH/CISSP/OSCP
  • Experience with data analytics with the ability to provide qualitative analysis and recommendations.
  • Ability to develop strong working relationships with a variety of other enabling teams.
  • Strong attention to detail, data accuracy, and data analysis
  • Self-motivated and operates with a high sense of urgency and a high level of integrity.
  • Ability to automate technical tasks using API or scripting.
  • Strong verbal and written communication skills.

Our Commitment

We believe it is important for every person to feel valued, included, and empowered to achieve their full potential. By bringing unique individuals and viewpoints together, we achieve extraordinary results.

Lam Research ("Lam" or the "Company") is an equal opportunity employer. Lam is committed to and reaffirms support of equal opportunity in employment and non-discrimination in employment policies, practices and procedures on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (including pregnancy, childbirth and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, or military and veteran status or any other category protected by applicable federal, state, or local laws. It is the Company's intention to comply with all applicable laws and regulations. Company policy prohibits unlawful discrimination against applicants or employees.

We Look Forward to Your Application

Job Segment: Information Security, Testing, Computer Science, Information Systems, Technology, Research