Key Skills: External Attack Surface Management (EASM) solution & Vulnerability Management
Job Objectives
Ø This Vulnerability Management role will help on the strategic initiative to implement the External Attack Surface Management (EASM) solution.
Ø This role requires an experienced cybersecurity professional with the basic understanding of external threat landscapes, experience in attack surface management, and the ability to implement robust operational models.
Key Responsibilities
Ø Support the implementation of the EASM program across the organization.
Ø Collaborate with cross-functional teams and stakeholders to ensure comprehensive coverage of the bank's external attack surface.
Ø Support defining and establishing the operational model for EASM
Ø Collaborate with internal and external stakeholders to stay ahead of emerging cyber threats and vulnerabilities.
Ø Support the development and maintain incident response plans specifically tailored to address external threats identified through the EASM program.
Ø Coordinate assessing exposure, risk, and the remediation.
Ø Conduct regular drills and exercises to test the effectiveness of the incident response plans.
Ø Collaborate with third-party vendors providing EASM solutions and monitor the service quality.
Ø Develop contextual data sets, reports, and dashboards to provide management, risk, and service insights.
Ø Provide support for all audit and regulatory requests.
Key Requirements
Education:
Ø Diploma/Degree in Engineering/Computer Science/IT/Cyber Security from a recognized education institution
Ø Professional security related qualifications (e.g., CISSP, CISA, CISM, CCSP, etc.) will be favorable although not mandatory
Technical Skills:
Ø 3-5 years of experience in IT with a recent focus on cyber security or related fields
Ø Strong knowledge of network protocols, architecture, and security measures.
Ø Proficiency in configuring and managing firewalls, intrusion detection/ prevention systems, and other network security devices.
Ø Familiarity with vulnerability scanning tools and methodologies.
Ø Familiarity with threat intelligence platforms and analysis tools for proactive defense.
Ø Familiarity with using SIEM solutions to collect, analyze, and correlate security events.
Ø Knowledge of incident response processes and procedures.
Ø Ability to analyze large datasets for patterns and anomalies indicative of security threats.
Soft Skills:
Ø Excellent communication and collaboration skills
Ø Process aware mindset
Ø Strong analytical and problem-solving skills
Ø Effective time management and organizational skills
Ø Team player, including ability to establish and maintain effective working relationships within and across the organization
