Threat And Vulnerability Specialist

Pe Global

Cork

PE Global are currently recruiting a Threat & Vulnerability Specialist for one of our Multinational Corporation clients based in Cork. This is a permanent role. PURPOSE OF JOB. The qualified candidate will possess a working knowledge of critical build-in security practices and a strong working knowledge of vulnerability management.This includes: researching, identifying, reporting, validating, reproducing and remediation consulting.This individual will be charged with significantly reducing vulnerabilities, improve ongoing cyber-hygiene,and assist in the continuous improvement of the client’s enterprise-wide threat and vulnerability management program. RESPONSIBILITIES. Collaborates with Windows, Unix, Linux and IT Infrastructure teams to drive remediation of reported vulnerabilities through risk/threat based assessment of security controls and tools. Articulate risk and business impact to stakeholders. Ability to convey the urgency and need to remediate vulnerabilities commensurate with the risk it presents to the client. Develops and maintains vulnerability and response artefacts systematically to produce metrics that can measure the overall program maturity and progress. Creates visibility and awareness at appropriate level including executive leadership teams, CISO and other on vulnerabilities that require attention. Synthesis required information for risk articulation. Demonstrates ability to strike a balance between strategic and tactical activities required to run the vulnerability response and remediation efforts. Cultivates the practice of staying abreast on latest trends and developments in vulnerability response and remediation activities followed across industry. Actively reviews public and private vulnerability notifications/disclosures, consumes research findings and prioritizes remediation efforts. Research exploit techniques and mitigation strategize. Lead coordination efforts between technology stakeholders and ensure high-quality and accurate reporting and tracking. Evolve internal tools and processes that manage the inspection, remediation, assurance measuring lifecycle activities of IT technologies operated and managed by organizations responsible to the client’s Enterprise. Build relationships and become a trusted advisor with BU and technology owners to influence change and drive ownership and accountability. REQUIREMENTS. 6+ years’ experience in administering security controls in an organization. Bachelor Degree in Computer Science or related field or equivalent experience. Good working knowledge of industry and commonly adopted secure standards, practices (e.g. applicable NIST standards, CIS, ISO, OWASP, SANS, BISMM, and CERT. Administration experience with any of the following: Nessus, Rapid7, Qualys, Core Impact, Metasploit and other scanning and analysis solutions. Experience with automated and manual penetration testing. Experience implementing and automating remediation workflows that support/enhance CI/CD processes. Provide data management and analysis for activities and continuous project initiatives. Use various data sources to identify and solve for programmatic needs and gaps in IT system coverage. Participate in strategic planning with regards to program development of IT Systems Assurance. Assist with program assessments ensuring programmatic goals are well documented. Perform data validation and quality control checks to ensure adherence to ETS/ISRM protocols. High proficiency with MS Office productivity applications and Visio. Good oral/written communications to effectively communicate with stakeholders - peers, customers and managers. If you are interested in this position, please forward your CV to Aoife.lomasney@peglobal.net or call 0214297900 . Although it is not possible for us to respond to all applications, we at PE Global will do our upmost to give you feedback on your application. You have sent your Cv into us as a company and even though you have sent your CV to a particular position, we are making the reasonable assumption that you are active on the job market and as part of our normal recruitment service we will discuss other suitable positions with you. You are free to opt out of this so please specify in your application to us if you just want to be contacted in relation to a specific vacancy. Your Cv is sent to a central recruitment inbox which a number of people in the applicable PE Global division have access to and so this means that you might not be contacted by the named person in this advert. This job originally appeared on RecruitIreland.com.

1980 days ago