Senior Risk and Control Advisor

Job Family Group:

Worker Type:

Business Unit:

Experience Level:

What s the role

We are seeking a detail-oriented and proactive Vulnerability Management advisor to support quality review, remediation advisory and track completion of appropriate remediation for detected DTR vulnerabilities. This role is responsible to face off to OIC team and coordinate with DTR Operations team to ensure timely resolution of detected vulnerabilities, helping to reduce risk and maintain a strong security posture.

What you ll be doing

• Coordinate vulnerability management lifecycle starting from vulnerabilities reported from Enterprise reporting tool Sec-Ops until remediation & verification.
• Act as a liaison between OIC vulnerability reporting team; DTR Operations team and Asset Owners.
• Perform review of incoming new vulnerabilities to ensure assigned are impacting DTR IT assets and contest in case of incorrect assignment
• Review assigned vulnerabilities to verify remediation accuracy and provide guidance to the remediation team on appropriate corrective actions.
• Provide technical advisory to DTR Operations team in prioritizing vulnerabilities based on risk, exposure and business impact.
• Escalate critical findings and delays in remediation to appropriate leadership.
• Generate and distribute vulnerability reports and dashboards to key stakeholders.
• Perform periodic continuous improvement analysis to reduce vulnerability influx & remediate faster.

What you bring

• Minimum 8 years experience in cybersecurity with exposure to vulnerability or risk management
• Bachelors degree in information technology, Cybersecurity or related field (or equivalent work experience)
• Strong communication and coordination skills
• Familiarity with vulnerability scanning tools; Cloud and On-Prem setup
• Understanding of common vulnerabilities (e.g., CVSS scoring, CVE identifiers)
• Professional certifications in cybersecurity or networking are preferred and will be considered an added advantage.

Preferred:

• Exposure to diverse IT technologies along with familiarity with IT networks
• Knowledge of security frameworks and standards (e.g., NIST, CIS controls)
• Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or Microsoft Certified: Azure Security Engineer Associate