What you'll do: Client team is looking for a Patching and Vulnerability Supervisor/ Manager. Under general supervision, this position would be responsible for the identification, prioritization, remediation tracking and reporting of infrastructure/compliance vulnerabilities. Strong problem-solving skills, willingness to work independently and collaborate across business units is needed for this position.
What we are looking for: Responsibilities:
Manage enterprise vulnerability scanning technologies to include scheduling scans, conducting ad-hoc/validation scans, configuration settings, report creation, and minor support/maintenance
Leverage other enterprise tools and collaborate with technology partners to assist in maintaining an accurate asset inventory for complete scanner coverage
Assist with compliance policy and hardening document creation for all supported platforms
Manage the vulnerability remediation lifecycle via enterprise ticketing system to track SLA breaches, process ticket assignments, and address any concerns raised
Participate in the ongoing improvement of the scanning and vulnerability remediation process
Creation of ad-hoc reports as required by business partners, regulators, or audit
Stay informed of industry emerging threats and vulnerabilities
Contribute to team development by documenting process efficiencies and conducting occasional trainings session
Assist in operational projects and ad-hoc tasks as required
Able to facilitate discussions and reach decisions
Self -motivated, positive attitude
KPI reporting and validation
Requirements:
Validate proper mitigation controls are in place until remediation activities are complete.
Act as the point of contact for status updates regarding vulnerabilities across multiple platforms and multiple business groups
Ability to assess and articulate actual business risk.
Develop, document and maintain operation processes and procedures to conform with Enterprise Security Control Standards.
Provide leadership and direction on initiatives relating to information security and the Vulnerability Management Program.
Demonstrated understanding of infrastructure and cloud vulnerability scanning and configuration
Strong knowledge of security technologies and architecture. Knowledge of IDS/IPS, DNS, DCHP, DMZ architecture, Active Directory, Proxies, Cloud architecture technologies and VPNs to name a few.
Candidates must be skilled in vulnerability assessment, risk rating, threat correlation, asset-based remediation management, and reporting. Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support. Revise processes and procedures, metrics, and documentation that continue to improve the vulnerability management capability.
Demonstrated experience with common vulnerability feeds from government, vendor, and open source communities
Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls
Strong understanding of network services, vulnerabilities and attacks. Knowledge of application exploits and vulnerabilities. Knowledge of ports and services typical in configuration of web servers, file servers, and workstations
Understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation
Work with IT peers and business stakeholders to ensure remediation efforts adhere to corporate standards and policies
Configure deployment of scan appliances, creation of option profiles, scanning schedules around high-risk vulnerabilities
Ability to collaborate extensively with engineering teams to help them understand their vulnerabilities and assist them to develop remediation and mitigation strategies.
You will support implementation and operations best practices while taking ownership of tasks and/or project work-streams, assist and perform analysis and diagnosis of issues related to technology configuration, setup, procedural and/or process challenges, and contribute to deliverables of the team
Implement security improvements by assessing current situation, evaluating trends, and anticipating requirements.
Candidates must be familiar with CVEs, CVSS, and Mitre as well as other industry specific vulnerability classification standards, frameworks, and best-practices
Maintenance of all contacts and documentation.
Qualifications:
Bachelor’s degree and/or some relevant work experience in vulnerability management, cyber security and system/network administration is preferred
Excellent oral and written communication skills are required
Analytical and problem-solving skills for troubleshooting are required
Hands experience with Nexpose Rapid 7
Expert using Excel, Word, PowerPoint
Familiarity with vulnerability management security tools (Nexpose, Qualys, Microsoft Advanced Threat Protection (MDATP), Tenable, Nessus etc.)
Familiarity with issue/ticket tracking systems (Jira, ServiceNow, etc)
Familiarity with Vulnerability Management Life Cycle
Industry certifications (ie GIAC, CompTIA, etc.)
Nice to Have:
Identifies opportunities for process and technical security improvements in the environment
Excellent communication, presentation, writing and documentation skills
Follow-up and attention to detail.
Good deductive reasoning skills, creative thinker.
Analytical and detail-oriented individuals must have a passion for information security, creativity to identify gaps and initiative to find the appropriate solutions to fill needs
Understand and able to create queries to support data extraction correlation and reporting
Bachelor’s degree or higher in IT, CS, IS, with a focus in cyber security. Certifications a plus.
