x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Vulnerability Management Expert
 banner picture 1  banner picture 2  banner picture 3

Vulnerability Management Expert

Adecco Personnel Pte Ltd

Adecco Personnel Pte Ltd company logo

The Opportunity

  • Adecco is partnering with one of the most well-established and respected financial institution with a strong track record of success.
  • They have a culture of innovation and continuous improvement, constantly looking for ways to improve their services and offerings.

Job Responsibilities

  • Vulnerability Management Expert is an individual role within the Data Security Services team and will be responsible for owning the Vulnerability Management. The individual is supported by platform teams for remediation actions.
  • The position is pivotal for driving the process with various cross-functional (transverse) IT teams.
  • Person will be responsible for following (but not limited to) responsibilities in day-to-day work
  • Focal point of contact for Vulnerability Management and related topics- a go-to person for consultation regarding the vulnerabilities identified by the tool and guide & assist Infrastructure and Application teams to remediate the vulnerabilities identified under their application/infrastructure scope.
  • Person will be responsible preparing the Vulnerability Management Plan and the executes plan through all the phases of Vulnerability Management Lifecycle.
  • Ensures that the Vulnerability scans are scheduled, configured in tool and are executed as per the schedule. Any failure of scans is to be investigated and schedule to re-run
  • Conducts periodical discovery of IT Assets and ensures that identified assets are highlighted to CMDB owner for appropriate Asset tagging and also onboards the new asset in Vulnerability Management tool
  • Assess the identified vulnerabilities and study & understand the risk profile, impact as per environmental context
  • Lead the discussions with Infrastructure and Application teams and advise them the relevance of vulnerability and help them understand the impact
  • Understand the false positives reported and the technical limitations of the environment and facilitate the process of Risk Acceptance.
  • Person will be responsible to liaise with various stakeholders for proposing and maintaining the approvals for such cases
  • Collaborate with Infrastructure teams- Windows, Unix, Networks etc. for the remediation of the identified vulnerabilities
  • Maintain the Vulnerability Dashboard for the scope and submits reports both of Technical teams and Management Reporting
  • Organize work in order to achieve compliance to established KPIs for Vulnerability Management and proactively work towards achieving the same. Maintain periodical reporting on the progress
  • Escalate- discuss and consult- as required to next levels and Management in timely manner
  • Provide subject matter expertise for the Vulnerability Management service
  • Lead the Penetration testing remediation planning with cross functional teams
  • Conduct new threat exposure scanning across the asset scope and advise the applicability and lead remediation exercises with cross functional teams
  • Participate in meetings with various stake holders as per the schedules
  • Liaise with different teams in different geographical zones
  • Propose, plan and execute Service improvements initiatives
  • Adhere to different policies set out by the organization
  • Prepare and provide different reports (weekly/monthly/ad-hoc) to the Manager as necessary
  • Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities
  • Keeping abreast of new threats and vulnerabilities and provide analysis as per applicability
  • Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer.


Work Schedule

  • Work schedule is mainly aligned to Asia and EMEA time zone. However, candidate may have to work outside of work-hours for urgent or critical threat management topic as applicable and as required.
  • Flexible work schedule (based on roster) is followed:
  • General hours: 10 AM – 7 PM or 11 AM – 8 PM SGT
  • Afternoon hours: 12:00 Noon – 9 PM SGT (as per operations needs as required).


Job Qualification

  • 10 -12 years of IT experience with 6-8 years of IT Security experience and 5+ years of experience in managing Vulnerability Management process for an enterprise.
  • Should be a bachelors/masters/engineering graduate or equivalent technical degree in Information Technology or Computer Science
  • Professional Certifications (highly preferred)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Enterprise Vulnerability Assessor (GEVA), or any other Vulnerability Management Certification
  • CREST certification
  • Working & hands-on experience in managing Vulnerability Management process
  • Strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, networks, database, and application servers
  • Ability to assess vulnerabilities and prioritize remediation planning
  • Experience in working collaboratively with cross-functional/transverse IT teams in Production setup (Operations) mode
  • Ability to apply Risk based approach while working on assigned responsibilities
  • Must have working experience in administrating and operating Tenable (Nessus) Security Center vulnerability management tool for a Large enterprise level environment
  • Good understanding of Reporting needs at various levels of organization and ability to design, create and present the same
  • Hands-on experience of creating reports using various tools such as Excel, PowerPoint, Word in graphical formats, trending
  • Experience in working with any BI tools like Power BI etc. to prepare the dashboard
  • Knowledge of different domains of Information Security
  • Working experience in financial organization is highly preferred
  • Excellent in analytical, communication and documentation skills
  • Ability to organize work and be able to priories work as per the Operation’s needs
  • Must have strong understanding of ITIL processes and comfortable working in process-oriented environment\Ability to work independently and as well as a part of team and is able to work under minimal supervision
  • Should have time management skills and able to manage work in fast moving environment
  • Excellent written and oral English language skills. Knowledge of French language is preferred.

Skills Matrix

Technical skills

  • Experience of running Vulnerability Management Service - Must
  • Hands-on knowledge of Tenable Security Center or any other vulnerability management tool - Must
  • Conducting Vulnerability Assessments - Must
  • Reporting and Documentation skills - Must
  • Fundamental understanding of Operating Systems fundamentals- Windows, Linux - Good to have
  • PowerShell, bash based scripting knowledge - Good to have
  • Threat Assessments - Good to have

General skills

  • Ability to prioritize effectively - Critical
  • Ability to work autonomously - Critical
  • Ability to work successfully in a team - Critical
  • Adaptability to changing environments - Critical
  • Inter-personal skills - Critical

Language skills

  • English - Critical
  • French - Good to have


Next Step

Click “apply” or send resume to: Tamanna Bilandi [email protected]

EA Licence No.91C2918| Personnel Registration No. R2096241

✱   This job post has expired   ✱

Sharing is Caring

Know others who would be interested in this job?