For our client international, well known Company we are looking for candidates for a position of
Responsibilities:
- expand and improve the quality and efficiency of our vulnerability management program,
- drive the remediation of vulnerabilities on our products,
- regularly meet with different technical teams to present their current vulnerability status and to track and work with those teams on remediation based on agreed upon patching timelines,
- regularly monitor current threat intelligence feeds, new vulnerabilities, assess their impact and raise their visibility within the organization when critical issues arise that need immediate attention,
- responsible for maintaining documentation around the Vulnerability Management process and procedures up to date,
- ownership of and report on the overall status of patching cadence and reduction of vulnerabilities.
Requirements:
- general understanding of security fundamentals and general security technologies, including operating systems network security, event management etc,
- 2+ years experience with vulnerability management and its related processes and procedures,
- prior experience with vulnerability scanning platforms,
- ability to multi-task and gain consensus from multiple disparate stakeholders with differing priorities,
- ability to establish and leverage metrics to improve quality and customer experience,
- capable of leading change to successful conclusion of projects/tasks,
- strong critical thinking, decision making, troubleshooting and problem-solving skills,
- ability to quickly digest and leverage new technologies to improve security services,
- strong understanding of current and emerging security technologies and services,
- knowledge of Risk Management frameworks from NIST, ISO, and DOD as well as the MITRE ATT&CK Framework,
- knowledge and familiarity with vulnerability management frameworks and concepts such as CVE, and CVSS Threat Intelligence and visibility into new threats,
- knowledge of cloud computing technologies and concepts (SaaS, PaaS, IaaS, etc.) and providers like Amazon AWS, Google Cloud, and Microsoft Azure,
- knowledge of business continuity, disaster recovery, and resiliency,
- experience with the software development lifecycle, agile development methodologies,
- understanding of the Top 10 OWASP.
The offer:
- attractive compensation as for 12 months contract,
- social benefits,
- possibility to prolong the contract.