Vulnerability Management Lead

Technical skills \ Qualifications:

• 8 or more years of professional work experience with at least 5 specialized in cyber security
• Bachelor s degree (additional years of experience in cyber security and/or military experience may reduce this educational requirement)
• One or more certifications in information security (such as Sec+, CEH, CISSP, SSCP, etc.)
• Demonstrated expertise with
• Windows Endpoints and Server
• Unix/Linux
• macOS
• IOS
• Android

Expert:

• Troubleshooting skills
• Data analysis skills

Strong cyber security knowledge and experience to include:

• Host security (Such as Tenable)
• Web Application security (Such as NetSparker)
• Secure OS baselines (CIS, STIG, etc.)

Vulnerability Analysis

• SIEM Tools (Such as Splunk)

Proficient in MS Office (Word, PowerPoint, Excel)

Experience with and/or knowledge of:

• Hardening AWS, Google Cloud Platform, and Azure clouds
• GitHub Enterprise
• Administering Symantec Data loss prevention
• Hardening Dev/Sec/Ops Pipelines and Developer workflows
• Static Application Security Testing (SAST)
• Dynamic application security testing (DAST)
• Interactive application security testing (IAST)
• Runtime application self-protection (RASP)
• Microsoft Power Query, Power Charts, etc.
• SPL queries and building Splunk Dashboards
• Database Security Vulnerability and Compliance (Such as DbProtect)

Overview:

We are seeking a Vulnerability Management Lead. The VM team s portfolio of activities includes providing vulnerability detection and remediation oversight, vulnerability research, secure baseline compliance, web application security, host-based security, network security, and acting as security subject matter experts.

Responsibilities:

• Extensive knowledge and hands-on experience with a variety of Vulnerability Management Tools such as Tenable, DB Protect, Netsparker, Qualys, etc.
• Expert knowledge of the Vulnerability Management lifecycle
• Proven track record of designing, implementing, and managing a Fortune 100 level Vulnerability Management Program
• Strong knowledge of networking, operating systems, databases, and web applications
• Strong knowledge of cybersecurity operations (Cyber Threat Intelligence, Penetration testing, & Incident Response)
• Deep knowledge and experience of performing both manual and automated asset discovery and enumeration
• Deep knowledge and experience of systematic and data-driven asset prioritization
• Expert knowledge and successful application of risk management frameworks

Qualifications:

• Ability to obtain a Public Trust clearance.
• Passion for learning about current and emerging information security threats and vulnerabilities
• Strong understanding of Enterprise Vulnerability management
• A love for identifying gaps, providing solutions, and improving existing processes
• Ability to collaborate with other teams to improve security across an enterprise
• Strong Project Management skills
• Previous leadership experience

Soft skills:

• Strong customer service focus to meet the needs of internal and external customers.
• Professional, pleasant, and polished demeanor.
• Strong problem-solving capabilities and the ability to effectively communicate solutions.
• Excellent verbal and written communication skills
• Ability to build strong relationships with stakeholders at all levels
• Strong public speaking and presentation skills
• Experience and comfort leading large meetings