Enterprise Vulnerability Remediation Manager
Category : Information Technology
Location/City : GA - Atlanta
Id : 34141
We're on the hunt for an Enterprise Vulnerability Remediation Manager on behalf of a client in the payments space. In this position, you'll take on the responsibility for creating and managing an industry-leading enterprise vulnerability management program to minimize security risk while maintaining 99.999% availability.
Think you have what it takes?5 Things You Can't Google About this Gig
And now for the mundaneJob Duties & Responsibilities
We judge you by your wallpaper selection: That's a lie, unless the wallpaper is just tacky. We will, however, judge you by your experience with basic scripting, vulnerability management, and network design and architecture.
Why you want this job: When it comes to network security, you know all of the secrets. Determining and avoiding risks is what keeps you going.
What Wikipedia won't tell you: Not even Google will tell you which vulnerabilities are relevant to our systems. That's why we need you.
Golden Rule this company lives by: Great people = Great Results. The people are great and there's a clear career path for those that hustle and grind on a daily basis.
Fringe benefits: All the caffeine you can handle.
Skills & Qualifications
- Develop, implement, and execute industry-leading vulnerability management services, vulnerability remediation and patch management oversight
- Lead technology vulnerability remediation efforts through cross functional working committees
- Manage enterprise vulnerability assessment and configuration assessment tools
- Identify and resolve false positive findings in assessment results
- Analyze threat and vulnerability feeds by analyzing data for applicability
- Assess compensating controls and validate effectiveness of existing controls
- Responsible for generating timely vulnerability assessment reports to management and stakeholders
- Produce vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
- Creation of a cohesive reporting strategy inclusive of the development of threat reports and metrics on a weekly and monthly basis
- Development and analysis of security vulnerability and threat reports with technology business units
- Decide on and approve steps to be taken with security controls and/or corrective actions for mitigating technical and business risk
- Collaborate on basic framework for SLA's for application development
- Build a process to support SLA's for different types of risk
- Regular interactions with InfoSec, Architecture, security process and procedures, various audit teams and multiple engineering teams to raise awareness of identified risks
- Development and management of an information sharing program with peer financial organizations and industry security organizations
- Support all regulatory and compliance requirements and generation of required artifacts
- Developing a vulnerability lifecycle program that correlates to the overall asset lifecycle program
- Bachelor's degree in a related field and/or a minimum of 5 years of equivalent experience.
- 5+ years of experience in performing vulnerability management for all platforms
- Experience and ability to do basic scripting
- Experience securing multiple platforms and operating systems
- A solid understanding of network design and architecture
- Expert understanding of the OSI model and TCP/IP
- An understanding of regulatory requirements: PCI, FFIEC, SOX, HIPAA, ISO 27002 standard
- Military education or experience may be considered in lieu of requirements above
Security, Vulnerabilities, Networking protocols, network security, cyber-security, security risks