Skip to main content

This job has expired

You will need to login before you can apply for a job.

Threat & Vulnerability Analyst

Regeneron Pharmaceuticals, Inc.
Sleepy Hollow, New York
Start date
May 21, 2024

Job Details

Threat & Vulnerability Management (TVM) Analysts support Regeneron's TVM capability to identify, assign, and validate remediation of compute environment vulnerabilities. This encompasses Regenerons on-prem, hybrid, and multi-tenant cloud environments. This position supports and enables Regenerons, global (US (United States), EU (European Union), APAC) Science to Medicine business objectives through enriching the cybersecurity defense posture.

TVM Analysts focus on cybersecurity vulnerability identification, facilitate priority-based patching, and validate remediation effectiveness. Operational requirements include leveraging TVM and information technology service management (ITSM) platforms to provide visibility, quantification, and accountability for remediation efficacy. This includes the utilization of reporting, executive summaries, and real-time dashboards. Additional responsibilities include contributing to cybersecuritys strategic maturity roadmaps, collection and analysis of cyber vulnerability intelligence, IT, and business unit collaboration.

A typical day:

  • Manage cybersecurity vulnerabilities and risks across Regeneron including identifying, supporting application and system owners to manage risks and remediate vulnerabilities.

  • Conduct vulnerability assessments of scans of servers, websites, workstations, serverless technology, network devices, cloud infrastructure, and other assets using various vulnerability management platforms and tools.

  • Analyze enterprise cybersecurity policies and configurations to evaluate compliance with regulations and enterprise policies and standards.

  • Assist with selection of industry best of breed cybersecurity controls to mitigate risk

  • Collection, reporting, and metrics generation for multiple cyber TVM datasets. This includes patching efficiency, identifying system misconfigurations, and security hygiene assessments.

  • Support the process of Security Compliance assessments of systems and multi-tenant cloud services, leveraging industry best practices, to include, Center for Internet Security (CIS) hardening guidelines

  • Analysis and monitoring of cybersecurity feeds, cyber threat intelligence, and open-source intelligence on trending vulnerabilities and exploits.

  • Partner with IT service providers to operate, maintain, and enhance TVM platforms. This includes native Operating System, cloud security, and data aggregation platforms

Knowledge and Experience

  • Knowledge, proven ability, and skills in vulnerability assessment, prioritization, assignment, validation, and tracking.

  • Experience and working knowledge of vulnerability management tools such as Nmap, Qualys, Tenable, Nessus, Microsoft Defender, Wiz, Rapid7, AWS Inspector, Orca.

  • Familiarity with OWASP (Open Web Application Security Project) Top 10, CIS Security Controls, MITRE ATT&CK Framework

  • Working knowledge of multi-tenant cloud environments (AWS, Azure, GCP), vulnerability mitigation techniques, and system hardening.


  • Collaborate and partner with cross-departmental peers (technical and non-technical) to report, synthesize, and prioritize vulnerabilities and threats based on contextual assets and relationship data.


  • Leverage industry and compute environment data to assess current and alternative technical solutions and processes for continuous enhancement and issue resolution.


  • Proven threat and vulnerability assessment skills or knowledge gained through experience or academia.

  • Ability to understand threat modeling and apply technical, administrative, and security control risk mitigation.

  • Organized, reliable, detail oriented.

  • Proven or conceptual abilities to navigate levels through thought equity.


  • Cybersecurity tool familiarity. E.g., SIEM (Security Information and Event Management), IDS/IPS, Email Protection, Firewalls, DLP (Data Loss Prevention), EDR (Endpoint Detection and Response), etc.

  • Experience gained through a complex organization and managed security providers and vendors.

  • Excellent problem-solving skills and attention to detail.

  • Proven experience in customer service, communication, and relationship building.

  • Ability to work independently and as part of a team

Does this sound like you? Apply now to take your first step towards living the Regeneron Way! We have an inclusive and diverse culture that provides comprehensive benefits, which often include (depending on location) health and wellness programs, fitness centers, equity awards, annual bonuses, and paid time off for eligible employees at all levels!

Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion or belief (or lack thereof), sex, nationality, national or ethnic origin, civil status, age, citizenship status, membership of the Traveler community, sexual orientation, disability, genetic information, familial status, marital or registered civil partnership status, pregnancy or parental status, gender identity, gender reassignment, military or veteran status, or any other protected characteristic in accordance with applicable laws and regulations. The Company will also provide reasonable accommodation to the known disabilities or chronic illnesses of an otherwise qualified applicant for employment, unless the accommodation would impose undue hardship on the operation of the Company's business.

For roles in which the hired candidate will be working in the U.S., the salary ranges provided are shown in accordance with U.S. law and apply to U.S.-based positions. For roles which will be based in Japan and/or Canada, the salary ranges are shown in accordance with the applicable local law and currency. If you are outside the U.S, Japan or Canada, please speak with your recruiter about salaries and benefits in your location.

Please note that certain background checks will form part of the recruitment process. Background checks will be conducted in accordance with the law of the country where the position is based, including the type of background checks conducted. The purpose of carrying out such checks is for Regeneron to verify certain information regarding a candidate prior to the commencement of employment such as identity, right to work, educational qualifications etc.

Salary Range (annually)

$77,600.00 - $126,600.00


Regeneron is a leading biotechnology company that invents life-transforming medicines for people with serious diseases. Founded and led for 30 years by physician-scientists, our unique ability to repeatedly and consistently translate science into medicine has led to seven FDA-approved treatments and numerous product candidates in development, all of which were homegrown in our laboratories. Our medicines and pipeline are designed to help patients with eye disease, allergic and inflammatory diseases, cancer, cardiovascular and metabolic diseases, infectious diseases, pain and rare diseases.
Regeneron is accelerating and improving the traditional drug development process through our proprietary VelociSuite® technologies, such as VelocImmune® which produces optimized fully-human antibodies, and ambitious research initiatives such as the Regeneron Genetics Center, which is conducting one of the largest genetics sequencing efforts in the world.

Stock Symbol: REGN

Stock Exchange: NASDAQ

FacebookTwitterInstagramYouTube Logo

Company info
Corporate Headquarters
777 Old Saw Mill River Road
New York

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert