Vulnerability Management Lead

About The Position

Requirements

• Experience performing vulnerability scans, implementing or overseeing vulnerability assessment, and conducting risk assessments in a large enterprise.
• Highly self-directed problem solver who thrives in ambiguity and requires minimal supervision.
• Able to navigate limited tooling, incomplete information, and operational constraints to design creative, scalable, and incresignly automated solutions that streamline vulnerability management workflows.
• Ability to monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services.
• Ability to pivot to emerging vulnerabilities and exigent issues that may arise.
• Communicating complex security issues to business owners at their level of knowledge.
• Ability to manage a formal exception process
• Strong written and oral communication skills across varying levels of the organization.
• Well organized with keen attention to detail.
• Capable of maintaining accurate asset inventory
• Comfortable presenting reports to cross functional teams and upper management
• Proficient with commercial and open source vulnerability management solutions.
• Ability to influence technical team and business units and collaborate to reduce attack surface.
• Advanced knowledge of operating systems, applications, infrastructure and cloud computing services.
• Ability to generate detailed reports and metrics to track vulnerability assessment findings and remediation
• Experience developing processes, playbooks, and run books for vulnerability management practices.
• Experience compiling and tracks CIS Benchmark Controls for multiple operating systems across enterprise
• Ability to maintain and create documentation related to vulnerability policies and procedures.

Responsibilities

• Performs vulnerability scans, implementing or overseeing vulnerability assessment, and conduct risk assessment.
• Monitors for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services.
• Collaborates with IT and security operations to manage internal- and external-facing systems to identify, track and remediate system and application vulnerabilities.
• Identify clear ownership for remediation tasks and drive cross-functional partners towards timely, effective vulnerability resolution through structured planning and communication.
• Works directly with application owners and system managers to achieve short-term mitigation and progress long-term remediation objectives
• Supports IT operations’ responsibility to remediate system and application vulnerabilities.
• Conducts continuous discovery, vulnerability assessment and remediation status of enterprise-wide assets.
• Owns and drives the Vulnerability Management strategy.
• Generates detailed reports and metrics to track vulnerability assessment findings and remediation progress, providing insights to stakeholders and leadership
• Develops processes, playbooks, and run books for vulnerability management practices.
• Serve as a point of contact for new and existing vulnerability-related issues.

Benefits

• [https://ecstech.com/careers/benefits]