Responsibilities
- Keep customers, clients, and colleagues safe by identifying cyber-vulnerabilities
- Allocate the correct risk rating and remediation prioritisation
- Develop vulnerability management operating model, policies, and procedures
- Communicate vulnerabilities to relevant parties
- Collaborate with Threat intelligence and Cyber Operations teams
- Report remediation status of Security Assurance Specialist team findings
Qualifications
- Experience with Attack surface discovery and asset attribution
- Ability to continuously identify internet-facing assets, shadow IT, domains, subdomains, certificates, cloud services, APIs, SaaS exposures, third-party-hosted assets, and assets with unclear ownership
- Risk-based exposure prioritisation
- Ability to prioritise the most material exposures by combining exploitability, business criticality, asset ownership, threat intelligence, vulnerability data, and likelihood of attack
- Threat-informed attack surface analysis
- Ability to enrich attack surface findings with attacker techniques, active exploitation trends, KEV data, offensive security teams findings, and sector-specific threat intelligence
Hard Skills
- vulnerability management
- risk rating
- remediation prioritisation
- attack surface discovery
- asset attribution
- internet-facing assets
- shadow IT
- cloud services
- APIs
- threat-informed attack surface analysis
Soft Skills
- communication
- collaboration
#J-18808-Ljbffr…
