30 Sep
Vulnerability Management /Cyber Vulnerability Management (CVM)
Vacancy expired!
Job Description Role: Cyber Vulnerability Management (CVM) Location: Onsite Preferred: - California -La Verne Fulltime-Visa Independents Who are we looking for? 10+ years of experience in Vulnerability Management Design, implementation, and L3/ SME with minimum 2+ years leading/mentoring technical staff in enterprise cyber vulnerability management Technical Skills:
- 10+ years of related professional experience
- 2+ years leading/mentoring technical staff in enterprise cyber vulnerability management
- Sound hands-on experience in Design, implement & Managing Security Vulnerabilities: Enterprise and Cloud
- Experience with scripting languages JavaScript, Perl and Python
- Knowledgeable of vulnerability management life cycle processes
- Strong familiarity with industry best practices such as the Open Web Application Security Project (OWASP) and NIST
- Knowledge of system security vulnerabilities , network security, application security, database administration, programming, systems analysis procedures, database software, operating systems, OWASP Top 10 risks
- and remediation techniques
- Solid foundation of common software vulnerabilities and their mitigation techniques
- Should understand vulnerability testing methodology and be able to communicate testing findings to managers and network administrators
- Strong technical, analytical, and interpersonal skills; ability to motivate and inspire team members
- Effective interpersonal, communication and leadership skills to influence operational changes, drive collaboration, and maximize adoption of new ideas, tools and practices
- Ability to communicate effectively with a variety of audiences from technical to executive management.
- Strong organizational, project management, and multi-tasking skills with a successful track record of managing expectations, delivering results, and meeting milestones and deadlines
- High level of professionalism, self-motivation and a strong sense of urgency, strong customer-focus, with the ability to manage expectations appropriately, provide a superior user experience and build long-term relationships
- Knowledge of network security, application security, database administration, programming, systems analysis procedures, database software, operating systems, OWASP Top 10 risks
- Experience with vulnerability management and offensive security tools, including NMap, Metasploit, Nexpose, Qualys, Nessus, Burp Suite, Splunk, AppScan, Veracode, or similar.
- Improve vulnerability management lifecycle processes, including Discovery, Assets Prioritization, Vulnerability Assessment, Reporting, Remediation, and Validation
- Drive program maturity, reducing the time to vulnerability remediation by integrating technology platforms, automating processes, providing actional vulnerability remediation guidance
- Collaborate with cybersecurity and technology teams to research, recommend, and implement enterprise-wide changes
- Scope, plan, facilitate, and perform Vulnerability Assessment and Penetration Testing (VAPT) technical assessments
- Research emerging threats and malicious actor tactics, techniques, procedure (TTPs), system vulnerabilities, and key indicators of exploits across diverse technologies and rapid changing environments, including on-premise/cloud infrastructure to determine risk rating of vulnerabilities to business assets
- Build relationships and serve as a liaison between system/application owners and the CVM team.
- Mentor team members in performing VAPT engagements, including Web App, Mobile App, WiFi, Network, etc.
- Serve as an advisor, raising awareness of vulnerabilities, exposure, and business impact to enterprise systems.
- End-to-end Vulnerability Management life cycle
- Experience with ITIL V3 service management
- Effective interpersonal, team building and communication skills
- Desire for continuous improvement and ownership skills
- Ability to communicate complex technology to no tech audience in simple and precise manner.
- Quick learner, while working outside the area of expertise.
- Flexible to support 247 support environment.
- Responsible for working with Client to assist with understanding threat data and vulnerabilities found on client's network
- Responsible for working with Client Team with implementing and maintaining Client asset classifications and categorizations
- Bachelor's degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience.
- 10+ years of experience with minimum 2+ years in managing leading/mentoring technical staff in enterprise cyber vulnerability management
- CISSP, CISM, GPEN, CEH, OSCP, or equivalent are strongly desired
- Industry standard IT Security certification, specifically in the area of Vulnerability Management
Vacancy expired!