Role Profile:
The Senior Security Analyst will be responsible for guiding and handling the Vulnerability Management (VM) Plan, ensuring the coordination, monitoring, and support of activities related to VM, Cloud Security, Penetration Testing, security patching, and remediation management. This role requires a strategic problem solver with deep technical skills and the ability to collaborate across various teams to improve the organisation's security posture.
Key Responsibilities:
1. Vulnerability Management: Tactically guide the VM Plan, coordinating and supporting activities in VM, Cloud Security, Pen Testing, security patching, and remediation management.
2. Roadmap Development: Provide input, prepare, and update the VM roadmap. Develop, maintain, and publish project plans and operation schedules.
3. Reporting: Provide status reports to Cyber Security leadership on VM metrics, key risk indicators, trends, and compliance.
4. Solution Proposals: Propose VM concepts and solutions, prepare presentations, and coordinate vendor demonstrations.
5. Standard Operating Procedures (SOPs): Create and maintain SOPs for VM, providing technical knowledge to operations and production support teams.
6. Collaboration: Work closely with Vulnerability Assessment & Pentesting teams to analyse results and threat feeds, reacting appropriately to security weaknesses or vulnerabilities.
7. Technical Documentation: Prepare and maintain technical documentation of the VM programme, including requirements, architecture designs, network topology, applications, and application security designs.
8. Policy Collaboration: Collaborate on Information Security policies, standards, and baselines, contributing to compliance measurement efforts.
9. Governance Reporting: Collaborate on and provide VM results and metrics for consistent reporting for governance purposes. Coordinate remediation plans and activities.
Qualifications:
1. Bachelor's degree in Computer Science, Information Security, or a related field.
2. Proven track record in cybersecurity, with a focus on vulnerability management and cloud security.
3. Solid grasp of VM tools and technologies.
4. Experience with security patching and remediation management.
5. Excellent analytical and problem-solving skills.
6. Good communication and presentation skills.
7. Ability to work cross-functionally with multi-functional teams.
Preferred Qualifications:
1. Relevant certifications such as CISSP, CISM, or CEH.
2. Experience with cloud security platforms (e.g., AWS, Azure).
3. Knowledge of regulatory compliance requirements (e.g., GDPR, HIPAA).
#J-18808-Ljbffr