Job Objectives
This Vulnerability Management role will help on the strategic initiative to implement the External Attack Surface Management (EASM) solution.
This role requires an experienced cybersecurity professional with the basic understanding of external threat landscapes, experience in attack surface management, and the ability to implement robust operational models.
Key Responsibilities
· Support the implementation of the EASM program across the organization.
· Collaborate with cross-functional teams and stakeholders to ensure comprehensive coverage of the bank's external attack surface.
· Support defining and establishing the operational model for EASM
· Collaborate with internal and external stakeholders to stay ahead of emerging cyber threats and vulnerabilities.
· Support the development and maintain incident response plans specifically tailored to address external threats identified through the EASM program.
· Coordinate assessing exposure, risk, and the remediation.
· Conduct regular drills and exercises to test the effectiveness of the incident response plans.
· Collaborate with third-party vendors providing EASM solutions and monitor the service quality.
· Develop contextual data sets, reports, and dashboards to provide management, risk, and service insights.
· Provide support for all audit and regulatory requests.
Key Requirements
Education:
· Diploma/Degree in Engineering/Computer Science/IT/Cyber Security from a recognized education institution
· Professional security related qualifications (e.g., CISSP, CISA, CISM, CCSP, etc.) will be favorable although not mandatory
Technical Skills:
· 3-5 years of experience in IT with a recent focus on cyber security or related fields
· MUST has working knowledge of EASM Space and Vulnerability Management
· Strong knowledge of network protocols, architecture, and security measures.
· Proficiency in configuring and managing firewalls, intrusion detection/ prevention systems, and other network security devices.
· Familiarity with vulnerability scanning tools and methodologies.
· Familiarity with threat intelligence platforms and analysis tools for proactive defense.
· Familiarity with using SIEM solutions to collect, analyze, and correlate security events.
· Knowledge of incident response processes and procedures.
· Ability to analyze large datasets for patterns and anomalies indicative of security threats.
Soft Skills:
· Excellent communication and collaboration skills
· Process aware mindset
· Strong analytical and problem-solving skills
· Effective time management and organizational skills
· Team player, including ability to establish and maintain effective working relationships within and across the organization.
