Vulnerability Management Specialist

Responsibilities:

• As part of the IT Security team, develop and implement firm IT Strategy in consultation with the IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall firm Strategy
• Research new security related products and services to ensure that firm is equipped with appropriate industry best tools and solutions
• Operate controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations.
• Conduct IT Security risk assessments for all high impact projects, defining security mitigating controls that impact the technology architectures of firm, service providers, and business partners
• Review and update IT Security procedures to reflect best practice and mitigate current and emerging threats
• Assigned ownership of IT Security Monitoring and Response related FRB and Internal Audit finding(s) and effective /timely resolution with IT Security
• Maintain relationships with third-party IT security vendors and strategic partners

Vulnerability Identification:

• Scanning Systems: Use automated tools to perform regular scans on all systems including Networks, Application and endpoints.
• Threat Client: Stay updated with the latest vulnerability databases (e.g CVE – Common Vulnerability and Exposure) and emerging threats to identify new vulnerabilities that could affect the organization.

Vulnerability Identification:

• Risk Rating: Assign severity ratings to vulnerabilities (e.g. Critical, High, Medium, low) using risk assessment frameworks like CVSS (Common Vulnerability Scoring System)
• Business Impact: Access the potential impact of each vulnerability on the business including the like hood of exploitation, potential data loss and possible operational disruptions.

Vulnerability Remediation:

• Patch Management: Work with IT and development teams to ensure that patches or updates are applied to systems and applications to fix vulnerabilities.
• Configuration Changes: Where applicable, make configuration changes to systems or applications to reduce exposure to Vulnerabilities

Qualifications:

1. Virtualized and Cloud platforms experience such as Amazon Web Services, Microsoft Azure or Office 365
2. S. in a technology discipline (Computer Science, Computer Engineering, Cybersecurity or equivalent);
3. Conduct regular vulnerability scans and assessments across the organization's IT environment using tools like Nessus, Qualys, or Rapid7. These platforms are essential for identifying and prioritizing security weaknesses, providing detailed insights that enable proactive risk reduction.
4. Analyze vulnerabilities and threats, determine their potential impact, and recommend strategies for risk prevention.
5. Coordinate with IT and security teams to prioritize and apply security patches and updates, including managing patch deployments using WSUS, SCCM, or Ansible which are critical for automating and streamlining the update process across large networks, reducing the risk of security breaches, and ensuring compliance with industry standards.
6. Assist in investigating and resolving security incidents, providing expertise on vulnerability exploitation and mitigation.
7. Generate detailed reports on vulnerabilities, their impact, and the status of remediation efforts. Communicate findings to stakeholders.
8. Ensure compliance with relevant security standards, policies, and regulations.
9. Develop and maintain vulnerability management documentation, including policies, procedures, and playbooks, including creating response plans for critical vulnerabilities or emerging threats.
10. Engage in vulnerability management program reviews and continuous improvement initiatives, providing input on enhancements to scanning and reporting processes.

• Virtualized and Cloud platforms experience such as Amazon Web Services, Microsoft Azure or Office 365
• S. in a technology discipline (Computer Science, Computer Engineering, Cybersecurity or equivalent);
• Security certifications such as CISSP and at least one GIAC GSEC, GCED, GCIA, GCIH, GREM, GCFR or equivalent is preferred
• Knowledge of incident handling life cycle based on an established framework: ISO 27035, SANS, NIST SP 800-61, CERT, ENISA
• Experience with security and automation: Python, Powershell, Windows OS, Linux OS, VMware, Puppet, Chef / Ansible desirable