The Vulnerability Management Specialist will manage and implement a comprehensive Vulnerability Management program to combat security threats, vulnerabilities, and business risks. The successful candidate will be responsible for providing guidance on establishing and operating the Operating Technology (OT) Vulnerability Management Program, including the implementation of appropriate technologies, tools, and processes.

 

Responsibilities:

Design and drive strategy and tactical plans toward holistic Vulnerability Management across multiple technology teams in a large complex organization. Analyse patch and vulnerability information for Vulnerability Management processes. Automate the Vulnerability Management process to improve operation efficiency. Provide status report to Regional RISO and IT leaders related to Vulnerability Management metrics, key risk indicators, trending and compliance reports. Collaborate with Information Security policies, standards and baselines and contribute efforts to measure compliance. Collaborate with cross-functional teams, including IT, security operations, and development teams, to ensure timely vulnerability remediation across on-premises and cloud environments. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Create and maintain SOPs for the Vulnerability Management program, provide technical knowledge to operations and production support teams. Work with portfolio manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities.

 

Qualifications:

Bachelor's Degree in Computer Science or any related field At least 5 years of IT Security experience such as penetration testing, vulnerability scanning, security audits, configuring and managing security systems. Must have experience working with vulnerability assessment tools like Rapid7, Nessus, etc. Knowledge of security standards, frameworks, and best practices (e.g., OWASP, CVE, CVSS). Technical knowledge and experience working with enterprise vulnerability management platforms. Solid grasp of computer networking concepts and protocols and network security methodologies. Extensive knowledge and experience with diverse IT architecture and enterprise IT data centers, external hosted service and cloud computing environments. Detailed comprehension of information security technology and tools, integrations, API and scripting. Good program/project management skills. Effective communication and collaboration skills for management presentation materials. Preferably with experience using reporting and analytics tools such as PowerBi, Advanced Excel/PowerQuery