Vulnerability and Application Security Manager

  • location: New York, NY
  • type: Permanent
  • salary: $110,000 - $140,000 per year

job description

Vulnerability and Application Security Manager

job summary:
About the Role

The Vulnerability and Application Security Manager will develop, deploy, and oversee vulnerability management and aspects of application security across the company's desktop, infrastructure, public cloud, and software-as-a-service providers. The role will champion and guide maturing the existing program through the deployment of new scanning, patching, monitoring, and reporting capabilities. Vulnerability management will offer input into our security policy, enforcement model, application development, and technology configuration to ensure all desktops, platforms, and applications are compliant and secure.

This candidate must be hands-on, comfortable working in small teams, and interested in continually researching to improve knowledge and our platforms and tools.

Responsibilities

  • Manage and improve the Vulnerability management process including tools, reporting, and governance.
  • Detection and assessment of vulnerabilities across endpoints, public cloud, and SaaS environments.
  • Manage third-party penetration testing teams.
  • Monitor and report on vulnerabilities and patch status.
  • Verification of the baseline configuration, performance of compliance tests, and monitoring of drift.
  • Identify and manage tools to manage scanning, mitigations, corrective actions, verification, and policy exception.
  • Risk modelling and cooperation with SOC in risk analysis.
Qualifications

  • 5+ years' experience in a highly technical Information Security role
  • 3+ years' experience in vulnerability management across operating systems, applications, and cloud security configurations
  • 3+ years' experience with security technologies and applications in enterprise and cloud environments (e.g., vulnerability scanners, IDS, firewalls, proxies, Networks, Laptops, Desktops, Wireless Access Points)
  • 2+ years' experience with information security responsibilities related to public cloud custom build software products
  • BS/BA degree (i.e., Computer Science/Engineering, Business, etc.)
  • Master's degree or other advanced degree in the field of cybersecurity
  • Experience in the telecommunications, financial services, defense, or government industries
  • Working knowledge/experience with Python, SQL, and REST APIs
  • Experience implementing security controls within the CI/CD as it relates to containers
  • Experience with information security best practices, including a good understanding of OS concepts, process management, and resource scheduling in Windows and Linux environments
  • strong understanding of cybersecurity threats and technology related risk
  • Ability to work independently or as part of a group
  • Solid problem-solving abilities
  • strong ability to review system and application data and develop metrics and reporting
  • CISSP or related experience
Previous Experience

  • Developed and defined Vulnerability Management process
  • Detection and assessment of vulnerabilities
  • Monitoring and reporting of vulnerabilities
  • Activities in the Vulnerability Management process
  • Verification of the baseline configuration and performance of compliance tests
  • Recommendations of mitigation and corrective actions and verification of their implementation
  • Risk modelling and cooperation with SOC in risk analysis
  • Understanding in reading / assessing vulnerability disclosures (CVE, CVSS)
  • Management of third-party penetration testing teams
 
location: MANHATTAN, New York
job type: Permanent
salary: $110,000 - 140,000 per year
work hours: 8am to 4pm
education: Bachelors
 
responsibilities:
  • Manage and improve the Vulnerability management process including tools, reporting, and governance.
  • Detection and assessment of vulnerabilities across endpoints, public cloud, and SaaS environments.
  • Manage third-party penetration testing teams.
  • Monitor and report on vulnerabilities and patch status.
  • Verification of the baseline configuration, performance of compliance tests, and monitoring of drift.
  • Identify and manage tools to manage scanning, mitigations, corrective actions, verification, and policy exception.
  • Risk modelling and cooperation with SOC in risk analysis.
 
qualifications:
  • Experience level: Experienced
  • Minimum 5 years of experience
  • Education: Bachelors (required)
 
skills:
  • SECURITY (5 years of experience is required)
  • Network Security (5 years of experience is required)
  • Python
  • SQL
  • vulnerability management (5 years of experience is required)
  • CLOUDERA (5 years of experience is required)
  • cybersecurity (5 years of experience is required)
  • information security (5 years of experience is required)
  • patch (4 years of experience is required)
  • penetration testing (5 years of experience is required)
  • risk analysis (5 years of experience is required)

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

get jobs in your inbox.

sign up
{{returnMsg}}

related jobs

    IT Project Manager

  • location: New York, NY
  • job type: Contract
  • salary: $48 - $58 per hour
  • date posted: 7/29/2021