Cybersecurity Vulnerability Manager

Responsible for conducting various security activities, including feasibility studies, automation initiatives, vulnerability assessments (VA), threat monitoring, risk assessments, policy compliance scanning, and reporting.

Your role will be crucial in identifying and mitigating security risks, ensuring policy compliance, and maintaining a secure environment for our organization.

Key Responsibilities:

1. Feasibility Studies:

• Conduct daily feasibility studies to assess the viability and effectiveness of potential security measures or initiatives.
• Collaborate with cross-functional teams to gather information and analyze the feasibility of implementing new security solutions.
• Prepare reports summarizing the findings and recommendations from feasibility studies.

2. Automation Initiatives:

• Identify opportunities for process automation within the security operations function.
• Develop and implement automated solutions to streamline security operations and enhance efficiency.
• Continuously monitor and optimize existing automation initiatives.

3. Vulnerability Assessments (VA) and Policy Compliance (PC): Infrastructure AND Applications

• Perform daily application onboarding and assessment for vulnerability scanning.
• Analyze vulnerability scan results and generate comprehensive reports.
• Collaborate with relevant teams to ensure timely remediation of identified vulnerabilities.
• Track and document the progress of remediation efforts.
• Provide daily support for troubleshooting and coordination activities related to security incidents.
• Generate reports and perform clean-up tasks to maintain accurate and up-to-date security records.
• Conduct policy compliance scanning and reporting, ensuring adherence to security standards.
• Assist in tracking and documenting remediation efforts for identified security risks.

4. Threat Monitoring:

• Monitor daily threat bulletins, threat intelligence feeds, and other relevant sources.
• Stay updated on emerging threats, vulnerabilities, and industry trends.
• Assist in identifying potential security risks and implementing proactive measures to mitigate them.

5. Risk Assessments:

• Respond to risk assessment requests related to architecture design and new applications.
• Evaluate security risks associated with exemption requests for WAF rules, Snyk findings, IP/URL whitelisting, and ad-hoc assessments.
• Collaborate with stakeholders to gather necessary information and perform in-depth risk analysis.
• Prepare detailed reports outlining risks and recommendations for risk mitigation.

6. Periodic Tasks:

• Conduct periodic activities such as policy configuration and onboarding.
• Perform firewall (FW) rule reviews, coordinate remediation efforts, and track progress.
• Coordinate and conduct password audits, ensuring compliance with password policies.
• Collaborate with teams to address identified vulnerabilities and improve security posture.

Qualifications and Requirements:

Bachelor's degree in Computer Science, Information Security, or a related field.

Solid understanding of information security principles, concepts, and best practices.

Experience in conducting feasibility studies and performing risk assessments.

Knowledge of vulnerability assessment tools and techniques.

Familiarity with threat monitoring tools and practices.

Strong analytical and problem-solving skills.

Excellent written and verbal communication skills.

Ability to work both independently and collaboratively within a team.

Attention to detail and ability to prioritize tasks effectively.

Strong Development skills and experience are a plus

Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

Join our team and contribute to the security of our organization by effectively managing security operations, conducting thorough assessments, and implementing proactive security measures. This is an exciting opportunity for someone passionate about information security and dedicated to maintaining a robust security posture. Apply now and help us safeguard our digital assets.