Responsibilities
• Responsible for executing VM processes, guidelines, standards and metrics.
• Lead the vulnerability management program, including vulnerability scanning, assessment, and remediation.
• Identify and assess security vulnerabilities across applications, systems, network and infrastructure through regular scanning and assessments.
• Convince control owners to remediate or mitigate vulnerabilities while making sure the business is not impacted.
• Collaborate with cross-functional teams to identify and prioritize vulnerabilities based on their severity and potential impact.
• Provide technical expertise and guidance on vulnerability management best practices.
• Collaborate with system administrators, developers, and other relevant stakeholders to ensure secure software development practices.
• Build and expand internal relationships with key groups and stakeholders, creating efficiencies for any dependencies.
• Consult teams to resolve issues that are uncovered by various internal and third-party monitoring tools.
• Investigate and validate reported vulnerabilities from internal and external sources.
• Generate reports and metrics for management on vulnerability assessment findings, progress, and trends.
• Monitor and stay up to date with industry trends and the latest vulnerabilities and threats.
• Apply a structured methodology and lead change management initiatives to create a strategy to support adoption of the changes required by a project or initiative.
• Implement all assigned projects effectively and take complete ownership of the deliverables.
• Other managerial activities that help team and group objectives.
Education Qualification: Qualified to degree level, preferably in a business, IT or security-related subject
Experience Band: 12 – 15 years
Requirements
• Experience in working with Vulnerability Management/Threat Intelligence tools such as Qualysguard, Tenable, Nessus, Wiz, Symantec etc.
• Fundamental understanding of Operating Systems – Windows, Linux and Cloud
• Ability to apply risk-based approach while working on assigned responsibilities.
• Proven, extensive ability to apply creative thinking and problem-solving skills.
• Ability to prioritize multiple requests and clearly communicate the priorities to the team and management.
• Stays abreast of emerging trends, regulatory changes, and evolving threats in the security and compliance landscape, advising the organization on potential impacts and necessary actions.
• Be able to identify and resolve conflicts and identify items that need senior management attention.
• Ability to communicate effectively with all business levels internally and externally.
• Capable of communicating security-related concepts to a broad range of technical and non-technical individuals as well as understanding new technologies quickly.
• Ability to manage projects working with a diverse group of individuals across multiple geographies.
• Familiarity with ISO 27001, NIST, and other guidelines on information security controls.
• Certification in one or more of the following is a plus: Certified Information Security Auditor (CISA), Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).