Job Seekers, Please send resumes to resumes@hireitpeople.com
Detailed Job Description:
- Manage vulnerabilities across applications, endpoints, databases, networking devices, and mobile, cloud and third-party assets.
- Conduct continuous discovery and vulnerability assessment of enterprise-wide assets.
- Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation.
- Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.
- Leverage vulnerability database sources to understand each weakness, its probability and remediation options, including vendor-supplied fixes and workarounds.
- Support internal and external auditors in their duties that focus on compliance and risk reduction.
- Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.
- Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization s security posture against them.
- Regularly research and learn new TTPs in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary.
- Maintain an active database comprising third-party assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business.
- Arrange and provide support to business units launching new technology applications and services to verify that new products/offerings are not at risk of misconfiguration, compromise or information leakage.
- Periodically attend and participate in change management policy discussions and meetings.
- Perform other duties as assigned.