Role details

AVP, Vulnerability Management Engineer (Qualys)

Manhattan   •  Permanent

Bullet points

  • Senior Qualys Engineer opportunity with a Global Investment Bank
  • Experience with Qualys a must.

About Our Client

Our client is a global Investment Bank.

Job Description

Responsibilities for the role include:

  • Responsible for defining, ratifying and maintaining a formal Threat & Vulnerability Management Program; and framework that defines the vulnerability priorities aligned with business criticality
  • Responsible for providing governance, guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation
  • Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
  • Work with Information Security team and update Security Standards for all technologies (Databases, Operating Systems & Network devices)
  • Translate Technical Security Standards into policy compliance profiles in enterprise security tool
  • Work with technology owners to validate the policy compliance profiles
  • Review the policy compliance scan results with stake holders
  • Onboard the assets for target technologies in enterprise security tool
  • Create required authentication records for target technology assets in enterprise security tool Perform policy compliance scans and deliver reports to the technology owners
  • Help build/improve an exception process to manage policy compliance deviation
  • Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response
  • Responsible for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures; and to manage the TVM Team to develop and update as appropriate
  • Be able to engage with, and manage vendor contracts related to external threat intelligence and threat mitigation services

The Successful Applicant

Qualificiations for the role include:

  • Bachelor's Degree in Business, Management, Computer Sciences, or equivalent prior work experience in a related field
  • Five to seven years of experience in Qualys policy compliance and vulnerability management
  • Exposure to Qualys APIs
  • Knowledge of scripting languages like python and Perl Understanding of CIS-Benchmark and NIST framework Working knowledge in RegEx
  • In-depth knowledge of operating systems security configuration (Windows servers and workstations, AIX/Linux/Solaris, and Apple MAC)
  • In-depth knowledge of network appliances (Firewalls, router & switches).
  • In-depth knowledge of databases security configuration (Oracle, DB2, Microsoft SQL, MySQL). Strong analytical skills (i.e., technical and non-technical problem solving skills).
  • Maintain certifications in an information security related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN.
  • Outstanding oral and written communications skills. This includes the ability to make formal stand-up presentations to all levels of management, etc.
  • Personal requirements: Results driven, with a strong sense of accountability A pro-active, motivated approach.
  • The ability to operate with urgency and prioritize work accordingly
  • A structured and logical approach to work Strong problem solving skills
  • A creative and innovative approach to work
  • Ability to work in a team environment
  • The ability to manage large workloads and tight deadlines Excellent attention to detail and accuracy

What's on Offer

Competitive Base, Bonus and Salary

Apply for this job

Click the Apply or LinkedIn button below or contact Nicole Julich quoting job reference 1216363
As you are using an Apple iOS device we are unable to offer you the CV upload function. Please apply with your Linkedin profile below or contact Nicole Julich quoting job reference 1216363