Description

The will provide technical expertise in the design, implementation, and development of the firm's vulnerability management program. The role holder will work to continuously improve the vulnerability management posture of the firm.
 
Responsibilities:
  • Design, architect, and operate the firm's vulnerability management tools to ensure they are running on a 24/7 basis
  • Manage and develop a large enterprise vulnerability assessment toolset and articulate risk and vulnerability impact to key stakeholders and technical teams
  • Design and produce an effective vulnerability reporting program for executive-level consumption

Experience Required

Skills and Experience:
  • Computer Science Bachelor’s degree or substantial equivalent experience
  • Experience with CISSP, CCSP, CompTIA Security+, or equivalent
  • Extensive experience in security vulnerability management for a large Windows enterprise 
  • Strong administrative experience with vulnerability scanning tools such as Nessus, Nmap, Qualys, etc.
  • Experience and understanding of Windows patching methods, SCCM, MS Intune, and Group policy deployment. 
  • Good understanding of NIST 800-53 standards, best practices, and regulatory compliance.
  • Excellent understanding of CVSS scoring vulnerability rating and risk prioritization 
  • Working knowledge of cloud security  technologies and vulnerability assessment for IaaS & PaaS environments
  • Expert analytical skills, including the gathering and analyzing of facts, formulating objective conclusions modified by subjective and experience-based qualifiers when appropriate, defining problems, and promoting solutions
  • Ability to adapt, integrate, and modify existing programs or vendor-supplied package programs for use with existing information systems
  • Proficient in oral and written English
  • Ability to be productive and maintain focus without direct supervision