Manager Security Vulnerability and Monitoring Tools
Posted on Dec 22, 2021 by Request Technology - Robyn Honquest
INFORMATION SECURITY MANAGER- Vulnerabilities and Monitoring
SALARY: USD $150,000 to $180,000 plus $20k bonus
Candidate with a minimum of 3 years managing people. 8-10 years in Vulnerabilities and misconfiguration vulnerability monitoring.
- The Vulnerability team is responsible to identify vulnerabilities and misconfigurations in hybrid enterprise environment through automation of continuous scanning, and monitoring.
- Manage a team and foster innovation to design and implement custom automated solutions for reducing risk by detecting vulnerabilities faster, maintaining maximum scan visibility across hybrid environments, increasing process efficiency, and reducing toil.
- Vulnerability Monitoring
- Manage oversight and operational responsibility for scanning infrastructure and tools.
- Support vulnerability remediation initiatives and projects for on-prem and cloud, in alignment with established processes and directives.
- Lead identification of new capabilities and processes to support program and process improvements.
- Communicate with key user and operational groups to understand business needs.
- Lead discussions and assist stakeholders in prioritizing remediation activities and provide expert analysis
- Develop metrics and KPIs to track progress towards objectives and monitor scan completeness against various sources of record.
- Develop Security Controls and repeatable processes to align with industry best practices and standards (CIS, DISA, NIST CSF).
- Baseline Security Configurations
- Manage oversight and operational responsibility for developing custom audit scripts for automated monitoring of approved Baseline Security Configurations (BSC) for Servers, workstations, network devices, databases, etc.
- Work with platform SMEs to ensure accuracy and completeness for the BSC scans, and remove roadblocks
- Design monitoring solutions for new and existing technologies to determine compliancy with published standards.
- Document, review, and ensure that all quality and change control standards are met.
- 8-10 years of professional experience with 3+ years of management experience.
- Experience managing security tools and performing vulnerability, and compliance scanning
- Experience with Linux and Windows operating systems, Cloud technologies, Network devices, Databases, etc.
- Solid understanding of deploying and maintaining tools
- Knowledge in Scripting languages - Python, Bash, PowerShell, Regex
- Experience leading projects and initiatives
- Preferred certifications: CISSP/CISM/GSLC, AWS/GCP/Azure