IT Vulnerability Management Senior Associate

Job Description

<strong><u>Job Purpose</u></strong><p><br></p>IT Vulnerability Management Senior Associate is responsible for managing and coordinating the organizations vulnerability management program and ensuring timely patching of systems and applications. Work closely with cross-functional teams to identify, assess, and remediate vulnerabilities, as well as implement robust patch management processes. Effectively collaborate with various stakeholders to enhance the company’s IT security posture<p><br></p><strong><u>Key Responsibilities</u></strong><p><br></p><ul><li> Develop and implement a comprehensive vulnerability management program, including vulnerability scanning, assessment, prioritization, and active remediation.</li><li> Coordinate and conduct regular vulnerability assessments and penetration testing on systems, applications, and network infrastructure.</li><li> Plan and execute vulnerability mitigation efforts, including patching and configuration changes across systems and applications.</li><li> Establish and maintain processes for tracking, prioritizing, and applying security patches and updates to systems and applications, actively participating in the patch management process.</li><li> Monitor industry sources for new vulnerabilities and emerging threats, assess their impact on the organization, and drive proactive remediation efforts.</li><li> Maintain vulnerability and patch management tools and systems, ensuring they are up-to-date and functioning effectively.</li><li> Develop and maintain vulnerability and patch management documentation, including policies, procedures, and standards.</li><li> Provide guidance and support to IT teams in vulnerability and patch management best practices and methodologies.</li><li> Collaborate with internal teams and external vendors to address vulnerabilities and apply patches in accordance with the organizations change management processes.</li><li> Stay updated on the latest trends and technologies in vulnerability management, patch management, and IT security.</li><li> Actively participate in incident response efforts related to vulnerability or patch management incidents, including investigations and leading remediation efforts.</li><li> Ensure vulnerability and patch management compliance with relevant regulatory requirements and industry standards, actively working towards meeting and maintaining compliance.</li></ul><p><br></p><strong>Governance </strong><p><br></p><ul><li> Maintain awareness and adherence to the functional/functional tower’s policies and procedures</li><li> Participate in the periodic audit of the established policies and procedures</li></ul><p><br></p><strong>Management Reporting</strong><p><br></p><ul><li> Support the development of periodic reports, as requested.</li><li> Highlight any quality or non-compliance issues observed.</li></ul><p><br></p><strong>Change Management</strong><p><br></p><ul><li> Support the execution of change management activities in the sub-function/function</li></ul><p><br></p><strong>Technology Management</strong><p><br></p><ul><li> Support in the process of identifying technology-related needs in the sub-function/function that helps drive automation within direct line of work</li></ul><p><br></p><strong>Professional Development</strong><p><br></p><ul><li> Proactively identify and seek professional development opportunities to improve technical skills pertaining to the direct line of work and in line with the company’s values</li><li> Participate in performance appraisals and reflect on the feedback and recommendations provided by the line manager for development</li></ul><p><br></p><strong><u>Requirements</u></strong><p><br></p><strong>ACADEMIC QUALIFICATIONS</strong><p><br></p><ul><li> Bachelor’s degree in information technology or a related field.</li><li> Relevant professional certification</li></ul><p><br></p><strong><u>Professional Experience</u></strong><p><br></p><ul><li> Minimum 8-10 years of experience in IT Vulnerability Management, Patch Management, or IT Security.</li><li> Strong know company of vulnerability management frameworks, tools, and best practices.</li><li> Experience in conducting vulnerability assessments, penetration testing, and risk assessments.</li><li> Familiarity with vulnerability scanning tools and technologies, such as Nessus, Qualys, or similar.</li><li> Solid understanding of patch management processes and methodologies.</li><li> Proficient in interpreting vulnerability assessment results and identifying remediation actions.</li><li> Strong communication skills, both verbal and written, with the ability to effectively collaborate with cross-functional teams.</li><li> Know company of regulatory requirements and industry standards related to vulnerability and patch management (e.g., ISO 27001, NIST).</li><li> Ability to prioritize tasks, work independently, and meet deadlines in a fast-paced environment.</li><li> Strong problem-solving and analytical skills with meticulous attention to detail.</li><li> Familiarity with cloud computing, data privacy, and security principles</li></ul><p><br></p>