Job Responsibilities:
Assist the CTVM Manager in assessing and ensuring the management of cyber threats and vulnerabilities, as well as the implementation of security controls.
Expected outcome:
Proactive enterprise CTVM program to ensure digital assets and IT environment are secured and resilient.
Job Duties:
- Assist the Manager with the planning, analysis, development of framework and deployment of CTVM program.
- Assist in continuous day-to-day operations of CTVMprogramincluding managing external CTVM service providers and scoping, scheduling, scanning, prioritizing and remediating IT vulnerabilities
- Assist in maintaining a current and comprehensive inventory of all IT hardware and software within the IT environment, including cloud.
- Assist in ensuring periodic static application security testing (SAST), dynamic application security testing (DAST) or any form of application security testing is conducted.
- Assist the Manager in maintaining current cyber threat model
- Assist in identifying dependencies and timelines required to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes
- Assist in the development of policies, procedures and standard operating models for the CTVM program.
- Assist in tracking key performance indicators (KPIs) and key risk indicators (KRIs).
- Assist in data collection and maintenance of technical and management cyber security dashboard.
- Assist in the preparation of periodic reporting to management on the outcomes of the CTVM program.
- Provide technical advisory services to our stakeholders to ensure an enterprise-wide resilient IT environment with regard to cyber security.
Essential Qualifications & Technical CompetenceFormal Education
•Minimum Bachelor’s Degree or Equivalent with specialization in Computer Science / IT Security/ Cyber Security.
Work Experience
• 2 to 3 years of working experience in IT or Cyber Security domains specifically in cyber threat and vulnerability management and cyber threat intelligence.
Skills/ KnowledgeCompetencies:•Reasonableunderstanding of end-to-end cyber threat and vulnerability management processes (e.g.;VM lifecycle) about on-prem IT infrastructure security, application security and cloud security.•Reasonableunderstanding of security frameworks such as ISO27001, NIST Cybersecurity Framework, Centre for Internet Skills:- Threat analysis and Vulnerability management