The CIP Database and Mobile Vulnerability Senior Advisor is responsible for ensuring operational excellence of cyber security vulnerability management activities
location: Bloomfield, Connecticut
job type: Contract
work hours: 8am to 5pm
- Coordinating daily database vulnerability assessments, interpreting the scan results and driving the remediation of detected vulnerabilities with database security teams.
- Publishing high risk vulnerabilities to the teams responsible for fixing the vulnerabilities, and tracking and reporting the remediation progress, dates, and plans.
- Adhering to Issue Management processes, which include logging findings in Archer, obtaining all necessary approvals, and tracking any corresponding Exceptions.
- Being able to prioritize and advise on remediation and mitigation solutions for a variety of databases platforms assessed including, but are not limited to; Mongo, UDB, DB2, Oracle, SQL, and Sybase.
- Lead cross-functional teams to further develop and implement a corporate wide strategy and governance to support minimum OS standards for mobile devices (i.e. mobility, corporate communications, help desk, and executive support).
- Supporting all CIP team strategies and reporting.
o Bachelor's degree in Cybersecurity, computer science, or related field.
o Prior DBA experience is a plus.
o Strong organizational and project management skills.
o Project Management Professional (PMP) certification is a plus.
o Strong knowledge industry standards (NIST) regarding vulnerability management including Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS)
o Ability to explain technical Cybersecurity concepts in a way non-technical staff can understand.
o Ability to ensure activities are in alignment with the business objectives and risk management framework.
skills: o Conflict management, problem solving, customer service skills.
o Excellent written and oral communication skills, strong meeting facilitation skills.
o Have a 'can do' positive attitude and comfortable in high pressure situations.
o Team player with proven ability to manage working relationships within a matrix organization
o Demonstrate excellent interpersonal skills.
o Ability to multi-task and meet deadlines.
o Experience with IBM Guardium and SEP Mobile would be beneficial.
o 3+ years of experience in documenting and tracking identified risks through to closure, including working with other departments as may be required.
o 3+ years of experience working on or closely with an information protection or cyber security team. Knowledge of core security principals, frameworks and risk models.
o CISSP, CISA, CISM, or equivalent is desired.
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.