Analyze vulnerability scan results from scanning tools and threat intel to identify risks, prioritize remediation based on regulatory and business requirements, while leveraging the tool's capabilities for asset grouping, dynamic analysis, and reporting.
Develop and execute remediation plans in close collaboration with technical teams across our Label subsidiaries (Zynga, Rockstar, 2K) and development studios documenting and tracking progress within our ticketing and workflow management system.
Lead validation of remediation effectiveness through post-remediation assessments, leveraging scanning tools for rescans and confirming closure within our ticketing and workflow management system.
Enforce patch compliance by tracking deployments, managing exceptions, and ensuring adherence to SLAs, utilizing our ticketing and workflow management system for assignment, tracking, and escalation of exceptions, informed by scanning tool data.
Monitor and report remediation progress, providing detailed metrics, trends, and outstanding issues, generating reports directly from our ticketing and workflow management system and leveraging scanning tool data for context.
Communicate remediation updates to stakeholders, addressing potential business impacts, utilizing our ticketing and workflow management system for clear communication and workflow updates.
Collaborate with the broader Information Security team to align remediation with the overall security strategy, leveraging insights from our scanning and ticketing/workflow management tools to inform strategic decisions.
Build strong partnerships with teams across our Labels to foster an integrated vulnerability management approach, utilizing our ticketing and workflow management system as the central platform for collaboration and tracking.
Work with engineering to maintain integrations between our scanning tools and ticketing/workflow management system to ensure seamless data flow and efficient workflow automation.
Develop and customize workflows within our ticketing and workflow management system to optimize the vulnerability remediation lifecycle.
Create and maintain dashboards and reports within both our scanning tools and ticketing/workflow management system to provide clear visibility into the vulnerability landscape and remediation progress.
Troubleshoot issues related to scanning processes, data ingestion into our ticketing system, and the overall functionality of the vulnerability management toolset.
WHAT YOU BRING
3+ years in a security operations role, with a focus on vulnerability management, patching, and remediation workflows.
Hands-on experience with vulnerability scanners (Tenable, Qualys, Rapid7) and enterprise patching platforms (SCCM, JAMF).
Strong familiarity with workflow/ticketing systems like ServiceNow, Jira, or similar — including workflow automation, dashboarding, and reporting.
A deep understanding of common vulnerabilities, CVSS scoring, EPSS, KEV, threat exposure, and remediation best practices across OS, network, and application layers.
Comfort working cross-functionally with infrastructure, development, and support teams to drive remediation at scale.
Strong scripting or automation experience is a plus (Python, PowerShell, API integration).
Excellent communication skills — able to explain technical risk to non-technical stakeholders and influence without authority.
Security certifications (e.g., SecurityX / CASP+, CySA+, GEVA, ) are a plus, but not required.
