Vulnerability Management /Cyber Vulnerability Management (CVM)

Job Description Role: Cyber Vulnerability Management (CVM) Location: Onsite Preferred: - California -La Verne Fulltime-Visa Independents Who are we looking for? 10+ years of experience in Vulnerability Management Design, implementation, and L3/ SME with minimum 2+ years leading/mentoring technical staff in enterprise cyber vulnerability management Technical Skills:

• 10+ years of related professional experience
• 2+ years leading/mentoring technical staff in enterprise cyber vulnerability management
• Sound hands-on experience in Design, implement & Managing Security Vulnerabilities: Enterprise and Cloud
• Experience with scripting languages JavaScript, Perl and Python
• Knowledgeable of vulnerability management life cycle processes
• Strong familiarity with industry best practices such as the Open Web Application Security Project (OWASP) and NIST
• Knowledge of system security vulnerabilities , network security, application security, database administration, programming, systems analysis procedures, database software, operating systems, OWASP Top 10 risks
• and remediation techniques
• Solid foundation of common software vulnerabilities and their mitigation techniques
• Should understand vulnerability testing methodology and be able to communicate testing findings to managers and network administrators
• Strong technical, analytical, and interpersonal skills; ability to motivate and inspire team members
• Effective interpersonal, communication and leadership skills to influence operational changes, drive collaboration, and maximize adoption of new ideas, tools and practices
• Ability to communicate effectively with a variety of audiences from technical to executive management.
• Strong organizational, project management, and multi-tasking skills with a successful track record of managing expectations, delivering results, and meeting milestones and deadlines
• High level of professionalism, self-motivation and a strong sense of urgency, strong customer-focus, with the ability to manage expectations appropriately, provide a superior user experience and build long-term relationships
• Knowledge of network security, application security, database administration, programming, systems analysis procedures, database software, operating systems, OWASP Top 10 risks
• Experience with vulnerability management and offensive security tools, including NMap, Metasploit, Nexpose, Qualys, Nessus, Burp Suite, Splunk, AppScan, Veracode, or similar.

• Improve vulnerability management lifecycle processes, including Discovery, Assets Prioritization, Vulnerability Assessment, Reporting, Remediation, and Validation
• Drive program maturity, reducing the time to vulnerability remediation by integrating technology platforms, automating processes, providing actional vulnerability remediation guidance
• Collaborate with cybersecurity and technology teams to research, recommend, and implement enterprise-wide changes
• Scope, plan, facilitate, and perform Vulnerability Assessment and Penetration Testing (VAPT) technical assessments
• Research emerging threats and malicious actor tactics, techniques, procedure (TTPs), system vulnerabilities, and key indicators of exploits across diverse technologies and rapid changing environments, including on-premise/cloud infrastructure to determine risk rating of vulnerabilities to business assets
• Build relationships and serve as a liaison between system/application owners and the CVM team.
• Mentor team members in performing VAPT engagements, including Web App, Mobile App, WiFi, Network, etc.
• Serve as an advisor, raising awareness of vulnerabilities, exposure, and business impact to enterprise systems.
• End-to-end Vulnerability Management life cycle
• Experience with ITIL V3 service management

• Effective interpersonal, team building and communication skills
• Desire for continuous improvement and ownership skills
• Ability to communicate complex technology to no tech audience in simple and precise manner.
• Quick learner, while working outside the area of expertise.
• Flexible to support 247 support environment.
• Responsible for working with Client to assist with understanding threat data and vulnerabilities found on client's network
• Responsible for working with Client Team with implementing and maintaining Client asset classifications and categorizations

• Bachelor's degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience.
• 10+ years of experience with minimum 2+ years in managing leading/mentoring technical staff in enterprise cyber vulnerability management

• CISSP, CISM, GPEN, CEH, OSCP, or equivalent are strongly desired
• Industry standard IT Security certification, specifically in the area of Vulnerability Management