Share this Job

Sr Vulnerability Management Analyst

Date: Jul 18, 2022

Location: Muntinlupa City, National Capital Region (NCR), PH, 1781

Company: W. R. Grace & Co.

Job Description

We are seeking a highly motivated Sr. Vulnerability Management Analyst to be part of the Global Cyber Security Team tasked with implementing and managing the global Vulnerability Management Program for Standard Industries and its operating companies.

This individual will ensure that vulnerabilities are properly identified and remediated in a timely manner in accordance with the established SLAs and with the goal of keeping Standard’s infrastructure secure.

S/he will be developing Key Performance Indicators for Vulnerability Management, coordinating scanning schedules, and administering the scanning technologies. This position will report to the Global Vulnerability Manager.
 

Responsibilities

  • Performing automated and manual vulnerability analysis against a variety of systems including infrastructure and applications
  • Improving vulnerability management lifecycle processes, including Discovery, Assets Prioritization, Vulnerability Assessment, Reporting, Remediation, and Validation
  • Partnering with the Global Cyber Security Team and IT infrastructure professionals to assess potential impact and likelihood of vulnerabilities and prioritize remediation activities
  • Driving program maturity, reducing the time to vulnerability remediation by integrating technology platforms and automating processes 

Required Qualifications

  • 5-7 years of prior Information Security experience
  • Knowledge and expertise in Vulnerability Management or related fields
  • Strong knowledge of vulnerability scanning tools, including configuration, maintenance, and scan execution
  • Detailed knowledge of the Vulnerability Management life-cycle including vulnerability identification, false negative/positive identification, and elimination
  • Knowledge of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVEs), Common Vulnerability Scoring System (CVSS), and Open Web Application Security Project (OWASP)
  • Knowledge of technology and security domains including operating systems, network security, application security, infrastructure hardening, and security baselines
  • Must be amenable to shifting schedules.
  • Willingness to learn, discover, experiment
  • Comfort working as a team player in a start-up environment where no job is too small
  • A sense of humor