Accountabilities / Responsibilities:
• Perform analysis of cyber security vulnerability, threats, and incident trends to understand root causes and propose counter measures that mitigate risk and improve security and business processes.
• Support the governance and oversight of the vulnerability management program, ensuring vulnerabilities are detected, monitored, measured, planned for the mitigations on a regular basis.
• Support the Vulnerability Management function for department’s IT Assets, working with the internal & external teams including vulnerability management and security teams to ensure a comprehensive understanding and mitigation planning of vulnerabilities.
• Develop the vulnerability management program to ensure visibility and awareness of threats, vulnerabilities, and risks in relation to our IT assets and additionally coordinate interactions with suppliers, vendors and related IT assets Application, OS & DB teams.
• Develop reporting metrics, ensuring visibility and awareness of vulnerabilities for the department’s IT assets.
• Provide technical consultation, guidance, training, and assistance to relevant teams within department, management, application and database owners, and users in reference to security policy and standards, remediation, regression testing, and system recommendations.
• Identify and track completeness of inventory and currency systems and ensure execution of plans to reduce technical debt and legacy systems.
Required Skills, Experience, and Qualifications:
• Have bachelor's degree in Computer Science, Information Science, or relevant Certifications.
• Have 3+ years hands-on experience in cyber security roles such as vulnerability management, threat intelligence or incident response.
• Have solid knowledge of common attack methods and their detection techniques.
• Have solid knowledge of network traffic analysis, related tools.
• Are familiarity with malware analysis concepts and ability to perform basic static and dynamic analysis.
• Skilled with vulnerability assessment tools like Qualys & Kenna, correlation rules, and managing dashboards.
• Certification like CISSP, CISA will be preferred