Team Member IS Risk

Role Overview: As a Senior Vulnerability Management and Configuration Assessment Lead, you will be responsible for leading vulnerability assessments, analyzing scan results, prioritizing vulnerabilities, and driving remediation efforts. Your role will involve utilizing your strong technical skills and deep understanding of information security principles to collaborate with various teams and enhance the organization's security posture. Additionally, you will be involved in advanced troubleshooting, configuration management, and problem resolution for complex IT systems, often working on escalations from L2 support and engaging with multiple stakeholders. Your expertise will be crucial in managing and maintaining the Configuration Management System (CMS) and Configuration Management Database (CMDB) while also having knowledge of Penetration Test and related concepts. Key Responsibilities: - Conduct vulnerability scans across different environments (e.g., cloud, on-premises) using tools like Tenable and Qualys. - Analyze scan results to identify security weaknesses and misconfigurations. - Perform in-depth analysis to understand the root cause of vulnerabilities and potential attack vectors. - Prioritize vulnerabilities based on factors such as severity, exploitability, and potential impact. - Collaborate with IT and DevOps teams to develop and implement remediation plans. - Monitor threat intelligence feeds and security advisories for emerging threats and vulnerabilities. - Create and maintain vulnerability management documentation, policies, procedures, and reports. - Collaborate with various teams to address vulnerabilities and enhance security posture. - Communicate risks associated with vulnerabilities to stakeholders and provide mitigation strategies. - Mentor and guide junior team members on vulnerability management principles and practices. Qualifications Required: - Strong understanding of information security principles and practices. - Proficiency in vulnerability scanning tools and techniques. - Experience with Risk Assessment methodologies and vulnerability scoring systems. - Knowledge of Cloud Security concepts and best practices. - Excellent communication, collaboration, and problem-solving skills. - Proficiency in relevant technologies such as operating systems (Windows, Linux) and networking protocols (TCP/IP, DNS, DHCP). - Understanding of ITIL principles related to Asset and Configuration Management. - Ability to effectively communicate technical information to both technical and non-technical audiences. - Experience in maintaining and managing a CMDB. (Note: Additional details about the company were not provided in the job description.),