Qualifications & Experience:

  • Bachelor’s degree in Information Systems, Computer Science, Information Security, and/or related work experience
  • 5+ years experience in various Cybersecurity domains (i.e. Identify & Access Control, Network Security, Firewalls, Enterprise Directory Systems, Encryption, Data Loss Prevention {DLP}, Endpoint Protection, & Information Security Operations)
  • 5+ years Vulnerability Management in an operation-based environment a must
  • Experience with tools such as Nessus, Rapid 7
  • 3+ years performing validation/penetration testing,
  • 3+ Threat Intelligence
  • In-depth familiarity with enterprise workflow tools (SIEM, ITSM), and ability to develop and improve tool utilization, and promote process efficiency,
  • Experience in collaboration amongst multiple lines of business and geographic theaters
  • Hands-on experience with vulnerability management tools and strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, database and application servers,
  • Client-side validation through penetration testing
  • Subject matter expertise in vulnerability assessment and prioritization to drive remediation,
  • The ability to influence and drive change within teams and the organization,
  • A strong team player who is proactive and driven to achieve results,
  • Previous senior team experience working as part of an enterprise Information Security team

COMPETENCIES:

  • Exceptionally self-motivated and directed.
  • Keen attention to detail.
  • Superior analytical, evaluative, and problem-solving abilities.
  • Exceptional service orientation.
  • Ability to motivate in a team-oriented, collaborative environment
ROLE PURPOSE:

A vacancy exists for the role of Threat and Vulnerability Management Analyst Group, within the Information Management Department – reporting to the Security Officer. The purpose of the role is to lead the Vulnerability Management program to include scanning, reporting, and risk analysis to identify risk within the environment.

Partnering with stakeholders to drive down vulnerabilities and develop mitigation strategies. Ability to generate metrics and reporting to show the efficacy or the program and performance against SLAs. KPI/ KRI development to show where the areas of greatest risk are within the environment.

Support of program control processes to ensure mitigation of risks and approved configuration certification of systems. Performs all duties in accordance with the companys policies and procedures, all state, federal, and country laws and regulations, wherein the company operates.

In accordance with regulatory and audit requirements, this position will perform analysis of systems and programs, including the cyber-security related programs and initiatives. Delivery of activity reporting, including metrics, environment impact, effectiveness progress, and performance, and risk indicators.

Key Responsibilities:

  • Responsible for continuous improvement of the vulnerability management program.
  • Monitors, tracks, responds, investigates, and reports in compliance to security requirements, and works with the responsible parties to drive timely results and remediation,
  • Practices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements,
  • Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the organization,
  • Review, triage, and respond to service requests and alerts,
  • Perform detail-oriented investigation of security issues,
  • Research and track current security threats,
  • Responds to incidents, performing forensic investigations, and assisting with eDiscovery tasks,

Learn more/Apply for this position