Job Title: Patch and Vulnerability Supervisor
Location: Downtown Phoenix
Our banking client in downtown Phoenix, is looking for a Patching and Vulnerability Supervisor/ Manager. Under general supervision, this position would be responsible for the identification, prioritization, remediation tracking and reporting of infrastructure/compliance vulnerabilities.Strong problem-solving skills, willingness to work independently and collaborate across business units is needed for this position.
- Manage enterprise vulnerability scanning technologies to include scheduling scans, conducting ad-hoc/validation scans, configuration settings, report creation, and minor support/maintenance
- Leverage other enterprise tools and collaborate with technology partners to assist in maintaining an accurate asset inventory for complete scanner coverage
- Assist with compliance policy and hardening document creation for all supported platforms
- Manage the vulnerability remediation lifecycle via enterprise ticketing system to track SLA breaches, process ticket assignments, and address any concerns raised
- Participate in the ongoing improvement of the scanning and vulnerability remediation process
- Creation of ad-hoc reports as required by business partners, regulators, or audit
- Stay informed of industry emerging threats and vulnerabilities
- Contribute to team development by documenting process efficiencies and conducting occasional trainings session
- Assist in operational projects and ad-hoc tasks as required
- Able to facilitate discussions and reach decisions
- Self -motivated, positive attitude
- KPI reporting and validation
- Validate proper mitigation controls are in place until remediation activities are complete.
- Act as the point of contact for status updates regarding vulnerabilities across multiple platforms and multiple business groups
- Ability to assess and articulate actual business risk.
- Develop, document and maintain operation processes and procedures to conform with Enterprise Security Control Standards.
- Provide leadership and direction on initiatives relating to information security and the Vulnerability Management Program.
- Demonstrated understanding of infrastructure and cloud vulnerability scanning and configuration
- Strong knowledge of security technologies and architecture. Knowledge of IDS/IPS, DNS, DCHP, DMZ architecture, Active Directory, Proxies, Cloud architecture technologies and VPNs to name a few.
- Candidates must be skilled in vulnerability assessment, risk rating, threat correlation, asset-based remediation management, and reporting. Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support. Revise processes and procedures, metrics, and documentation that continue to improve the vulnerability management capability.
- Demonstrated experience with common vulnerability feeds from government, vendor, and open source communities
- Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls
- Strong understanding of network services, vulnerabilities and attacks. Knowledge of application exploits and vulnerabilities. Knowledge of ports and services typical in configuration of web servers, file servers, and workstations
- Understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation
- Work with IT peers and business stakeholders to ensure remediation efforts adhere to corporate standards and policies
- Configure deployment of scan appliances, creation of option profiles, scanning schedules around high-risk vulnerabilities
- Ability to collaborate extensively with engineering teams to help them understand their vulnerabilities and assist them to develop remediation and mitigation strategies.
- You will support implementation and operations best practices while taking ownership of tasks and/or project work-streams, assist and perform analysis and diagnosis of issues related to technology configuration, setup, procedural and/or process challenges, and contribute to deliverables of the team
- Implement security improvements by assessing current situation, evaluating trends, and anticipating requirements.
- Candidates must be familiar with CVEs, CVSS, and Mitre as well as other industry specific vulnerability classification standards, frameworks, and best-practices
- Maintenance of all contacts and documentation.
- Bachelor’s degree and/or some relevant work experience in vulnerability management, cyber security and system/network administration is preferred
- Experience supporting cloud environments (i.e. Azure, AWS, GCP)
- Scripting experience preferred
- Excellent oral and written communication skills are required
- Analytical and problem-solving skills for troubleshooting are required
- Hands experience with Nexpose Rapid 7
- Expert using Excel, Word, PowerPoint
- Familiarity with vulnerability management security tools (Nexpose, Qualys, Microsoft Advanced Threat Protection (MDATP), Tenable, Nessus etc.)
- Familiarity with issue/ticket tracking systems (Jira, ServiceNow, etc)
- Familiarity with Vulnerability Management Life Cycle
- Industry certifications (ie GIAC, CompTIA, etc.)
- Identifies opportunities for process and technical security improvements in the environment
- Excellent communication, presentation, writing and documentation skills
- Follow-up and attention to detail.
- Good deductive reasoning skills, creative thinker.
- Analytical and detail-oriented individuals must have a passion for information security, creativity to identify gaps and initiative to find the appropriate solutions to fill needs
- Understand and able to create queries to support data extraction correlation and reporting
- Bachelor’s degree or higher in IT, CS, IS, with a focus in cyber security. Certifications a plus.
Heitmeyer Consulting is an equal opportunity employer and we encourage all qualified candidates to apply. Qualified applicants will be considered without regard to minority status, gender, disability, veteran status or any other characteristic protected by law.