Senior Cyber Defense Analyst

Who You’ll Work With

The Attack Surface Management (ASM) team drives Nike’s enterprise-wide vulnerability reduction through automation, strong engineering rigor, and fast, transparent execution. The Senior Cyber Defense Analyst reports to the Director of ASM and partners with engineering, cloud, and platform teams to build scalable detection, triage, and remediation workflows that strengthen Nike’s global security posture.

Who We Are Looking For

The ideal candidate combines deep Vulnerability Management (VM) automation with applied AI. They design ML-driven risk scoring and LLM-assisted at scale across cloud, on-prem, and containers. They convert noisy CVE/KEV inputs into reliable pipelines, enforce secure SDLC guardrails, and partner tightly with VM analysts, platform engineers, and SecOps. They write production-quality Python, build robust data integrations (REST, CI/CD), and leverage data platforms (e.g., Databricks) while instrumenting model monitoring to prevent drift and bias. They challenge manual processes, document clearly, and communicate crisply to stakeholders and executives.

• 7–10+ years in security engineering, vulnerability management, or automation; demonstrable AI/ML application in security.
• Bachelor’s degree in CS/Engineering or equivalent combination of education, experience, or training.
• Certifications: GCIA, GCIH, GMON, AWS/Azure Associate; AI/ML platform experience (e.g., SageMaker/Azure ML).
• Proven expertise in Python, REST APIs, CI/CD, and AI/ML pipelines (feature engineering, model deployment/monitoring); tools integration across Rapid7, Wiz.io, Databricks, SIEM, SOAR.
• AI & Machine Learning: Experience applying ML for vulnerability detection, predictive risk scoring, and intelligent orchestration.

What You’ll Work On

You build and automate end-to-end vulnerability management workflows that reduce risk at scale. You turn detection gaps, noisy data, and manual processes into reliable, AI-assisted pipelines. You partner across engineering, cloud, and security teams to accelerate remediation, improve signal quality, and strengthen Nike’s global security posture.

• You partner with VM analysts, cloud/platform engineers, and SecOps to integrate scanning, asset, and detection systems into automated, AI-enabled workflows.
• You design and maintain Python-based pipelines that normalize, enrich, and route vulnerability data into downstream systems (Databricks, SIEM/SOAR).
• You apply AI/ML (e.g., model-based risk scoring, LLM-assisted triage) to reduce noise, accelerate prioritization, and help remediation teams focus on what matters.
• You collaborate across time zones, building strong relationships with engineering, infrastructure, product teams, and incident responders to ensure fast, predictable remediation.
• You tackle unexpected challenges—broken integrations, ambiguous ownership, data gaps—and turn them into durable automation patterns.
• You improve visibility by building dashboards, metrics, and automated reporting that support leadership decisions.
• You refine and document tooling, patterns, and runbooks to raise engineering quality across the VM ecosystem.

Key skills/competency

• Vulnerability Management
• AI/ML Application
• Python Programming
• REST APIs
• CI/CD Pipelines
• Data Platforms (Databricks)
• Cloud Security (AWS/Azure)
• Risk Scoring
• Security Engineering
• Incident Response