Vulnerability Management Leader - PRI Technology
St. Paul, MN 55144-1000
About the Job
The enterprise vulnerability management leader is responsible for managing and directing the organization's vulnerability management program across the global enterprise. This includes developing enterprise-wide vulnerability management strategy and policy, managing scanning and monitoring activities, prioritizing and tracking remediation, reporting on risk posture, and driving continuous improvement of vulnerability management practices.
Responsibilities:
Qualifications:
Lori Sklarski
Senior Technical Recruiter
PRI Technology
P: 973.732.5454 x27
C: 973.432.9968
F: 973.732.5456
Lori.sklarski@pritechnology.com
www.pritechnology.com
Responsibilities:
- Develop and execute a comprehensive vulnerability management strategy aligned with organizational cybersecurity objectives and risk tolerance.
- Create enterprise-level policies, standards, and procedures related to vulnerability management, assessment, and remediation.
- Select and oversee technology solutions for vulnerability scanning, asset inventory, configuration monitoring, threat intelligence, and dashboards/reporting.
- Plan and oversee regular vulnerability scans, reviews, risk ratings, and penetration tests for all assets and environments.
- Prioritize vulnerability and penetration test remediation based on severity ratings and business criticality.
- Build partnerships with developers, IT teams and business leaders to effectively push remediation of critical application and infrastructure vulnerabilities.
- Track and report on vulnerability and pen test tickets/findings from identification through remediation.
- Communicate technical risk and vulnerability data to leadership using impactful visualizations and metrics.
- Continually refine vulnerability management program components to improve efficiency, coverage, and integration with other processes.
Qualifications:
- 5+ years managing enterprise-wide vulnerability management programs
- Expert knowledge of vulnerability assessment tools, techniques, and reporting
- Experience performing and managing application and network penetration tests
- Experience with vulnerability prioritization frameworks and remediation workflows
- Risk management expertise with ability to translate technical risks for business leaders
- Excellent written and verbal communication skills
- Strong analytical and data analysis capabilities
- Knowledge of regulatory compliance requirements a plus (e.g. PCI DSS, HIPAA)
Lori Sklarski
Senior Technical Recruiter
PRI Technology
P: 973.732.5454 x27
C: 973.432.9968
F: 973.732.5456
Lori.sklarski@pritechnology.com
www.pritechnology.com
Source : PRI Technology