Information Security (Vulnerability Management)

EmploymentType : Full Time/Part time/WFH : Full Time(Hybrid)

Job Responsibilities:

You will be responsible for providing management and oversight to the internally delivered

cybersecurity vulnerability management service. You will own and manage the vulnerability

assessment and management program and execute a vulnerability management strategy.

Design and develop vulnerability mitigation strategy, prioritize identified vulnerabilities, and

manage risk associated with vulnerabilities.

Classify and prioritize the risk of new vulnerabilities according to the specifics of our unique

environment's risk level, mitigating factors, and assessment of the impacts of internal and

external threats.

Participate in impact assessments to help define prioritization and proper monitoring coverage.

Provide recommendations and technical guidance for the vulnerability management program.

Validate scan results, research mitigation methods and retest findings. Demonstrate

understanding of infrastructure/cloud vulnerability scanning and configuration.

Develop automation, orchestration, and scripting to reduce manual processes, improving overall

efficiency while also enabling new capabilities to meet our rapidly changing needs.

Expected to possess strong knowledge of vulnerability management Triage, Prioritize,

Remediate, and security threat modelling.

Develop relationships with IT teams to resolve aging critical vulnerabilities on assets, establish

regular forums with stakeholders to drive remediation of vulnerabilities.

Analyze requirements to develop and manage program metrics and performance through

reporting. Produce detailed reports and present metrics to key stakeholders in the business.

Reporting gaps in a meaningful way that addresses a business risk as well as providing technical

solutions to the operations teams in remediation is key.

Maintain oversight of vulnerability reporting communications

Minimum Qualifications

Bachelor's degree in computer science, Information Technology, Cyber Security, or related

discipline

7+ years of Cybersecurity experience with a concentration in vulnerability management

Understanding of a variety of technical concepts such as Networking, systems administration,

application development, and information security practices

Knowledge of information security industry and regulatory obligations (ISO 27000-series, NIST

Framework, etc.)

Experience with scanning tools such as Microsoft Defender, Tenable, Rapid7 and Qualys and

their configurations is preferred.

Certified in one of the security certifications like CEH/CISSP/OSCP

Experience with data analytics with the ability to provide qualitative analysis and

recommendations.

Ability to develop strong working relationships with a variety of other enabling teams.

Strong attention to detail, data accuracy, and data analysis

Self-motivated and operates with a high sense of urgency and a high level of integrity.

Ability to automate technical tasks using API or scripting.

Strong verbal and written communication skills.

Your Contact Number &Email Address :[Confidential Information]