Manager - Threat and Vulnerabilit

New York, NY 10020

Posted: 07/19/2017 Employment Type: Direct Hire Industry: Other Area(s) Job Number: 220

Job Description


Overview

The Manager, Threat & Vulnerability Management will play a critical role in the global Information-Security TVM Program. This individual will report to the Director, Global Information Security.

Drive and mature TVM program, with the goal of building an effective threat and vulnerability management program by taking a risk-based approach to identify and quickly remediate vulnerabilities that pose the most impact to critical business services. This individual will be interfacing very closely with the development team, and infrastructure team. The ideal candidate need to understand how a threat actor views the attack surface and include attack scenarios that leverage existing vulnerabilities to determine how effective response, detection and prevention capabilities are.

Responsibilities and Duties
  • Responsible for configuring vulnerability assessment tools, as well as performing internal and external vulnerability scans as well as penetration, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
  • Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
  • Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities within SLAs.
  • Approaches for addressing vulnerabilities include system patching and security review process.
  • Identify and resolve any false positive findings in assessment results.
  • Monitoring vulnerability data, especially data from vendors that are critical to keeping the business running;
  • Threat modeling to underscore which threats pose the most risk to business services
  • Mitigation processes to prioritize and remediate vulnerabilities across the environment.
  • Create metrics and reporting on the state of security stack, threat, vulnerability and patch management.
  • Work with PMO to manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.

 

Skills, Knowledge and Abilities:
  • Ability to perform vulnerability assessments and penetration testing using manual testing techniques, scripts, commercial and open source tools
  • Technical network (e.g. CCNA, CCNP Security) and security certifications highly desirable (e.g. CISA, CISSP, GCIH).
  • Understanding of controls (e.g. access control, authentication, encryption, integrity, and application security).
  • Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners).
  • Must possess excellent communication skills (written, verbal). Should be able to work with technical and non-technical individuals alike.
  • Ability to mentor other employees to improve their skills and effectiveness.
  • Ability to design, resource, status, and complete projects on time and on budget independently, with minimal supervision.

 

Meet Your Recruiter

Jason Destro

Over 20 years’ of recruiting experience with hands-on recruiting and placement of I.T. professionals (Full Time, Temp 2 Perm, & Contingent) in the NJ/NY/CT/PA marketplace for a wide variety of today's demanding IT skill sets. Focused on delivering exceptional service by understanding client’s objectives and goals.

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.
" property="pl-share-desc">

Manager - Threat and Vulnerabilit

New York, NY 10020

Posted: 07/19/2017 Employment Type: Direct Hire Industry: Other Area(s) Job Number: 220

Job Description


Overview

The Manager, Threat & Vulnerability Management will play a critical role in the global Information-Security TVM Program. This individual will report to the Director, Global Information Security.

Drive and mature TVM program, with the goal of building an effective threat and vulnerability management program by taking a risk-based approach to identify and quickly remediate vulnerabilities that pose the most impact to critical business services. This individual will be interfacing very closely with the development team, and infrastructure team. The ideal candidate need to understand how a threat actor views the attack surface and include attack scenarios that leverage existing vulnerabilities to determine how effective response, detection and prevention capabilities are.

Responsibilities and Duties
  • Responsible for configuring vulnerability assessment tools, as well as performing internal and external vulnerability scans as well as penetration, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
  • Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
  • Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities within SLAs.
  • Approaches for addressing vulnerabilities include system patching and security review process.
  • Identify and resolve any false positive findings in assessment results.
  • Monitoring vulnerability data, especially data from vendors that are critical to keeping the business running;
  • Threat modeling to underscore which threats pose the most risk to business services
  • Mitigation processes to prioritize and remediate vulnerabilities across the environment.
  • Create metrics and reporting on the state of security stack, threat, vulnerability and patch management.
  • Work with PMO to manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.

 

Skills, Knowledge and Abilities:
  • Ability to perform vulnerability assessments and penetration testing using manual testing techniques, scripts, commercial and open source tools
  • Technical network (e.g. CCNA, CCNP Security) and security certifications highly desirable (e.g. CISA, CISSP, GCIH).
  • Understanding of controls (e.g. access control, authentication, encryption, integrity, and application security).
  • Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners).
  • Must possess excellent communication skills (written, verbal). Should be able to work with technical and non-technical individuals alike.
  • Ability to mentor other employees to improve their skills and effectiveness.
  • Ability to design, resource, status, and complete projects on time and on budget independently, with minimal supervision.

 

Meet Your Recruiter

Jason Destro

Over 20 years’ of recruiting experience with hands-on recruiting and placement of I.T. professionals (Full Time, Temp 2 Perm, & Contingent) in the NJ/NY/CT/PA marketplace for a wide variety of today's demanding IT skill sets. Focused on delivering exceptional service by understanding client’s objectives and goals.

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.