ROLE
Lead, Vulnerability Management

QUALIFICATION
Bachelor's Degree in Computer Science or Information Technology, Master's Degree in Computer Science or Information Technology, MBA

EXPERIENCE
5-6 Years

CERTIFICATIONS
* Certified Information Systems Security Professional (CISSP)
* Cisco Certified Network Associate (CCNA)
* Certified Information Security Manager (CISM)
* CompTIA Advanced Security Practitioner
* GIAC Certified Enterprise Defender (GCED)
* Global Industrial Cyber Security Professional (GICSP)
* eLearnSecurity Certified Threat Hunting Professional (eCTHP)

PURPOSE
Oversees the vulnerability management section within the client. Provides direction and guidance to the team to perform vulnerability assessments of systems and networks. Heavily involved in budgeting and management reporting.

SKILLS
* Skill to anticipate new security threats.
* Skill to remain aware of evolving technical infrastructures.
* Skill to use critical thinking to analyze organizational patterns and relationships.
* Skill in performing impact/risk assessments.
* Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
* Skill in conducting application vulnerability assessments.
* Skill to develop insights about the context of an organization's threat environment.
* Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
* Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience).

JOB DESCRIPTION
* Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support cybersecurity goals and objectives and reduce overall organizational risk.
* Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements.
* Communicate the value of cybersecurity to stakeholders throughout all levels of the organization.
* Develop and maintain vulnerability management strategic plans.
* Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information.
* Lead and align cybersecurity priorities with the security strategy.
* Lead and oversee budget, staffing, and contracting with respect to vulnerability management.
* Recommend vulnerability management policy and coordinate review and approval.
* Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
* Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
* Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
* Supervise and assign work to programmers, designers, technologists and technicians, and other engineering and scientific personnel.
* Coordinate with organizational manpower stakeholders to ensure appropriate allocation and distribution of human capital assets.
* Perform an information security risk assessment.
* Collaborate with key stakeholders to establish a cybersecurity risk management program.
* Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
* Ensure that security improvement actions are evaluated, validated, and implemented as required.
* Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).
* Report to the senior management/board of the client.