14 Sep
Vulnerability Management Lead (W2 Role)
Vacancy expired!
- Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization’s security posture against them.
- Collaborate with cross-functional, cross-department teams to drive patching and remediation strategies
- Reporting and prioritization of security vulnerabilities across the Vulnerability Management Team
- Conduct continuous discovery and vulnerability assessment of enterprise-wide assets.
- Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with vulnerability management.
- Lead projects and efforts to drive automated remediation solutions
- Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface
- Monitor for new vulnerabilities reported by internal and external sources
- Develop and report on substantial metrics for the Vulnerability Management Program
- Work with Cyber Security Incident Response Team on Zero-day vulnerabilities
- Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate controls effectiveness.
- Participate in team on-call rotation
- Perform other duties as assigned
- Solid understanding of Risk Management frameworks, Security frameworks & Data Protection regulations
- Strong leadership, collaborative, diplomatic and motivational skills including the ability to lead across multiple business and technology organizations.
- High passion for security, innovation and problem-solving
- Ability to work effectively within a team to drive a common goal.
- Passion to work with a diverse team and assist in improving the security program of a large enterprise
- Excellent attention to detail, follow through, and organizational skills
- Strong verbal and written communications skills
- Detailed knowledge of vulnerability management, configuration management, software security tools and trends
- Strong understanding of desktop and server operating systems as well as software
- Solid grasp of vulnerability classification and scoring methodologies (CVSS, CVE)
- Understanding of Windows and nix operating systems, endpoint applications, networking protocols and devices.
- Proficient in a programming language, e.g., Python or PowerShell scripting, Java, C, C, C#, etc.
- Technically competent with various software programs and vulnerability management solutions, including but not limited to Qualys, Tenable, Rapid 7, Microsoft Office Suite, ServiceNow
- Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle.
- Capable of working independently and involving leadership as necessary
- Knowledge of diverse infrastructure platforms and operating systems such as databases, middleware.
- Experience in Cloud based platforms e.g., AWS, Azure
- Vulnerability Management experience in containerized environments e.g., Docker, Kubernetes etc.
- Experience in Web Application vulnerability management
- Qualys Vulnerability Manager
- Experience in Splunk Enterprise Security tool
- Experience with Inventory Management tool
Vacancy expired!