Job #: 1770
Title: Vulnerability Manager
Identifies, documents, measures and communicates technical Information Security Risks across the organization’s data networks, systems, and applications; using standard company toolsets and common industry exploitation techniques to identify significant attack surfaces which threaten the firm’s revenue generating capabilities.
Conducts a variety of technical penetration testing engagements; (external, internal, wireless, webapp, VOIP, social engineering, etc.) designed to identify where sensitive client and Company data can be obtained using unauthorized methods.Builds and implements enhanced methodologies to effectively communicate technical attack vectors to Executive level business leaders in business terms.
Provides post security incidents remediation validation to ensure remediation steps were effective in mitigating the possible exploitation of sensitive data systems; persevering the integrity and confidentiality of critical information systems.
Provides consultation throughout the organization and at all levels between Executive leadership and Technical contributors, to support incident handling and forensic investigators; part of the Computer Incident Response Team (CIRT).
Monitors and researches industry information sources for Zero-Day threats, emerging Information Security trends and vulnerabilities impacting the organization and its ability to serve its customers.
Recommends, directs, and implements best in class technology and business process solutions to mitigate/reduce threat globally.Influences technical /strategic direction of the Information Security function as it relates to keeping information secure and available for all company clients and staff.
This position of Vulnerability Manager provides valuable technical expertise to the tracking and remediation of system-level risk in the environment. Roles and responsibilities include:
Configuring and running scans of the environment
Identification and scoring of vulnerabilities based upon industry standards
Reporting on vulnerability state with guidance to operating companies on remediation
Maintaining and designing vulnerability management infrastructure
Provide guidance on risk for new software entering our environment
Ideal candidates will possess the following skill sets:
Understanding of common Windows and Linux operating systems
Understanding of common types of cyber-attacks and countermeasures
Understanding of critical security controls
Understanding of vulnerability management tools and concepts
Strong use of Microsoft Office for analysis and reporting
Excellent written and verbal communication skills