Assistant Vice President – Vulnerability Management Specialist
| Company | CLS Group |
|---|---|
| Location | Newark, NJ, USA, New York, NY, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- Virtualized and Cloud platforms experience such as Amazon Web Services, Microsoft Azure or Office 365
- S. in a technology discipline (Computer Science, Computer Engineering, Cybersecurity or equivalent)
- Conduct regular vulnerability scans and assessments across the organization’s IT environment using tools like Nessus, Qualys, or Rapid7
- Analyze vulnerabilities and threats, determine their potential impact, and recommend strategies for risk prevention
- Coordinate with IT and security teams to prioritize and apply security patches and updates, including managing patch deployments using WSUS, SCCM, or Ansible
- Assist in investigating and resolving security incidents, providing expertise on vulnerability exploitation and mitigation
- Generate detailed reports on vulnerabilities, their impact, and the status of remediation efforts
- Ensure compliance with relevant security standards, policies, and regulations
- Develop and maintain vulnerability management documentation, including policies, procedures, and playbooks
- Engage in vulnerability management program reviews and continuous improvement initiatives
Responsibilities
- Use automated tools to perform regular scans on all systems including Networks, Application and endpoints
- Stay updated with the latest vulnerability databases (e.g CVE – Common Vulnerability and Exposure) and emerging threats to identify new vulnerabilities that could affect the organization
- Assign severity ratings to vulnerabilities (e.g. Critical, High, Medium, low) using risk assessment frameworks like CVSS (Common Vulnerability Scoring System)
- Access the potential impact of each vulnerability on the business including the likelihood of exploitation, potential data loss and possible operational disruptions
- Work with IT and development teams to ensure that patches or updates are applied to systems and applications to fix vulnerabilities
- Where applicable, make configuration changes to systems or applications to reduce exposure to Vulnerabilities
Preferred Qualifications
- ‘Hands-on’ IT Security Vulnerability Management and engineering experience including securing systems, networks and infrastructure; operational support, including on-call experience
- Proven experience including combination of intrusion detection, malware analysis, forensics and incident response, particularly in cloud/hybrid environments
- Working knowledge of cloud environments such as AWS
- Monitor, tune and develop technical IT Security controls and frameworks to ensure appropriate preparation, monitoring and response to threats
- Ensure a risk-based approach to IT Security is adopted in every part of the business and solutions
- Prepare for, identify (hunt) and remediate cyber threats
- Expert knowledge of Firewalls, TCP/IP, IPS, DLP, proxies, SIEM, & Endpoint Protection software
- Financial and/or Banking industry experience preferred
- Security certifications such as CISSP and at least one GIAC GSEC, GCED, GCIA, GCIH, GREM, GCFR or equivalent is preferred
- Experience with security and automation: Python, Powershell, Windows OS, Linux OS, VMware, Puppet, Chef / Ansible desirable