Information Security – Vulnerability Management Consultant

Описание

At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, lets talk.

Your Role and Responsibilities
The Vulnerability Management Consultant will work across multiple operating environments, assets, products, and services. The person in this role will maintain and optimize existing vulnerability management program operations while supporting vulnerability management systems, initiatives, integration, and technical vulnerability assessment and remediation.
The Vulnerability Management Consultant will drive appropriate actions at all levels of the organization including executive management. Additionally, the person will define the prioritization of remediation activities, optimizing the remediation efforts in a dynamic environment.
Responsibilities:
• Oversee and support the development of vulnerability management programmes, initiatives, integration, and technical assessment.
• Direct and/or perform on-going vulnerability assessments on applications and networks and systems. Direct assessment efforts in a prioritized fashion, seeking breadth and depth of coverage where appropriate.
• Partner with teams who implement technology and achieve methods for aligning to their processes and reduce vulnerabilities.
• Enhance technology and/or process to ensure accurate and up to date inventory of critical infrastructure and applications are in place.
• Identify roadmap, budget, and priorities relative to infrastructure and application security assessments.
• Serve as an internal information security consultant to the organization. Assist in the review of applications and/or technology environments to assess information security risk.
• Support information security compliance and risk management activities to meet the vulnerability management policy, standards, and requirements
Core Responsibilities:
• 1. Drive the on-going implementation and operation of Vulnerability management program
• 2. Plan and carry out vulnerability scan campaigns. Create reports and present to client (including on occasions executive management) with factual documentation of issues identified and clear recommendation for mitigation of found vulnerabilities.
• 3. Assess, document and validate the vulnerability management practices across business to ensure compliance to company policy and standards are met.
• 4. Assess possible risks to proposed changes to the environment, and if needed recommend alternative solution, or mitigating security controls.
Optional Certifications: (One or more of the following professional certifications)
• CISSP (Certified Information Systems Security Professional)
• CISM
• CISA
• CEH or equivalent
• SANS GIAC
• Certified Qualys Professional
• Certified Tenable Professional

Required Technical and Professional Expertise
Knowledge and Experience:
• Minimum 3 years Information Security experience, focused on risk analysis, identification, and vulnerability assessment. Degree in Computer Science or a related field is desirable
• Understanding of Security and Infrastructure Architecture/Technologies: including but not limited to Routers, Firewalls, IDS, PKI, VPN, Application Security, Vulnerability Scanners, Windows and Unix Systems Security.
• Ability to adapt to a high paced work environment and to handle multiple tasks simultaneously and follow through on tasks to completion.
• Thorough understanding of Network protocols and security related architecture.
• Efficient in multiple operating systems including Windows, OSX, and Linux.
• Ability to scrutinize complex and diverse information and transform details and facts into recommendations and action plans.
Skills:
• Direct and drive initiatives through diverse teams and organizations to ensure an effective and compliant program.
• Ability to implement process and technologies that make efficient use of vulnerability related data for the purposes of discovery and reporting.
• A keen ability to identify and communicate practical risk regarding technical security vulnerabilities to both technical and non-technical audiences.
• Capable of performing vulnerability analysis upon report results or zero day announcements, manage communications, and ensure timely remediation.
• Author/utilize tools/scripts to manually validate or test vulnerabilities when no public utilities exist.
• Ability to manage third party partners to meet SLAs and commitments.
• Results oriented cross-functional leadership success partnering with internal and external stakeholders.
• Outstanding written, verbal, and presentation communications skills.
• Executional excellence – consistently deliver programs to successful outcomes in a fast moving environment.
• Excellent interpersonal communication, project management and leadership skills. Must be able to communicate effectively and tactfully with all levels of personnel (in person, on the telephone and through written communication). Unwavering passion, commitment, and persistence to the business, customers and technology.
• Ability to efficiently achieve security requirements in an effective partnership with the independent teams who are responsible for software development and system administration.
• Attention to detail with flexibility in addressing changing requirements.
Qualifications:
• Bachelor’s Degree in technology or other related field from an accredited university or college; or equivalent work experience in Information Security and Business/Risk Management.
• One or more of the following professional certifications: CISSP, CISM, CISA, CEH or equivalent, or SANS. Preferred Qualys / Tenable Certified Professional
• Demonstrated success in security and vulnerability management within global enterprise environments.
• Strong record of steady career progression.
• Excellent references upon request.

Preferred Technical and Professional Expertise
• Previous experience with Qualys, Tenable, Rapid7 Scanners
• Vulnerability Management Experience

Изисквания към кандидата

Езикови познания:
Английски език

Трудов опит:
С професионален опит над 3 г.

Образование:
Средно

Ние предлагаме

Вид заетост:
Пълен работен ден

Срок на заетост:
Постоянна

Договор:

Ниво в йерархията:

Категория:

ИТ и Компютърни специалисти

Държава:

България

Населено място:

Гр. София

Адрес:

бул. ДРАГАН ЦАНКОВ 36

Дата:

11.08.2021

Организация:

Ай Би Ем България ЕООД
Фирма/Организация - Директно търсеща служители

Детайли за организацията:

Повече информация за Ай Би Ем България ЕООД може да получите ТУК