Design and drive strategy and tactical plans toward holistic Vulnerability Management across multiple technology teams in a large complex organization. Analyses patch and vulnerability information for Vulnerability Management processes.  Automate the Vulnerability Management process to improve operation efficiency. Provide status report to Regional RISO and IT leaders related to Vulnerability Management metrics, key risk indicators, trending and compliance reports.  Collaborate with Information Security policies, standards and baselines and contribute efforts to measure compliance.  Collaborate with cross-functional teams, including IT, security operations, and development teams, to ensure timely vulnerability remediation across on-premises and cloud environments. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems.  Create and maintain SOPs for the Vulnerability Management program, provide technical knowledge to operations and production support teams.  Work with portfolio manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities.  University Degree in Computer Science, or a related field  Minimum 4-6 years of IT security experience such as penetration testing, vulnerability scanning, security audits, configuring and managing security systems.  Knowledge of security standards, frameworks, and best practices (e.g., OWASP, CVE, CVSS). Technical knowledge and experience working with enterprise vulnerability management platforms.  Work experience with vulnerability assessment tools like Rapid7, Nessus and similar.  Extensive knowledge and experience with diverse IT architecture and enterprise IT data centers, external hosted service and cloud computing environments.  Solid grasp of computer networking concepts and protocols and network security methodologies.  Detailed comprehension of information security technology and tools, integrations, API and scripting. 

Non-Technical/Soft skills 

Able to exercise good judgement in a dynamic environment.  Independent and self-directed, with excellent time management skills. Excellent communication skills with the ability to communicate risk in business-relevant language.  Effective communication and collaboration skills for management presentation materials. Experience on reporting and analytics tool is required such as Power BI, Advanced Excel/Power Query.  Team player with positive attitude. Highly driven, autonomous, and resilient. Enjoy working in a dynamic and multi-cultural environment.  Good program/project management skills.  Relevant certifications such as CISSP, CISM, or equivalent are a plus.