Job Description

Role & responsibilities Minimum 3 years of overall experience 1+ years in Incident Management, Vulnerability Management, Bug Bounty & Cyber security analysis Assess and support severity assignment on reported vulnerabilities in line with the Common Vulnerability Scoring System (CVSS) Effectively communicating vulnerability findings to stakeholders, including technical and non-technical audiences Developing strategies to address identified vulnerabilities, including mitigation plans and timelines Coordinate the remediation of findings from the organizations Bug Bounty & Vulnerability Disclosure Programs working directly with whitehat researchers. Analyze findings to understand if our vulnerability scanners failed to identify them and work with the relevant to address any visibility gaps Identify missing security controls that could have mitigated the Bug Bounty finding and ensure correction is tracked to completion Mature the program through the onboarding of new assets Works closely with Risk Management teams to document identified risks and issues highlighted through Bug Bounty Program Maintains a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework). Collaborates with Legal and Privacy Offices when critical data is at risk as a result of a Bug Bounty finding Maintain and follow runbooks for day-to-day activities