Threat and Vulnerability Management Lead - Encore Capital Group San Diego, CA, USA Bookmark Share Print 1414 0 3

Listing Description

The Threat and Vulnerability Management (TVM) Lead will design and build a sustainable Threat handling and vulnerability management program alongside an incredible team of highly motivated and passionate security practitioners. The main focus of the role is to design a capability that will ingest threat intelligence and manage vulnerabilities through treatment. The key needs of the program are to develop an ability to assess potential threat impact, work with control teams to adjust as needed, assess and evaluate vulnerabilities through automated scanning as well as specific offensive penetration and red team. This position requires deep analytical skills as well as a robust understanding of technology, tools, adversarial techniques and countermeasures. The incumbent must be competent to work at a high level and in the technical detail to build a program consisting of robust process, leading technology, and mentoring team members.

RESPONSIBILITIES

·         Lead the design, build, and day-to-day operations of a threat and vulnerability management program

·         Lead threat intelligence and counter threat control management

·         Develop processes, playbooks, and run-books for threat intelligence and vulnerability management practices

·         Review and analyze cyber threats and provide SME support and training to junior level security analysts

• Serve as the subject matter expert for the threat and vulnerability platform and metrics reporting
• Early informer of critical vulnerabilities and exposures relevant to safeguarding the company’s information assets
• Provide in-depth analysis of vulnerabilities and impacts to key stakeholders
• Influence stakeholders to prioritize and execute risk management initiatives, and drive remediation of process and technology gaps
• Lead critical vulnerability identification and response exercises

·         Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents

·         Act as a liaison between cyber engineering, architecture, network & system operations, and functional project teams to ensure effective project implementation that meets TVM requirements

·         Work with colleagues in other technology departments as well as the business and remote offices to establish effective, productive business relationships

·         Proactively identify opportunities to minimize cyber threats and increase our ability to respond. 

 MINIMUM REQUIREMENTS

• 8+ years experience in security operations
• 3 - 5+ years of related experience in cybersecurity engineering and network defense
• Offensive security experience a huge plus
• Proven subject matter expertise in relevant areas, such as threat intelligence, penetration testing, intrusion analysis, incident handling, malware analysis or security engineering
• Demonstrated experience in an enterprise-level TVM team or security operations center.
• Strong knowledge of malware families, application, network, and cloud attack vectors
• Strong knowledge of Linux, Windows, and MacOS
• Strong working knowledge of scripting and common security tools, such as a SIEM, EDR, vuln scanners, WAF, netflow, IDS, and forensics tools
• Advanced technical knowledge associated with various operating systems, network services and applications along with a deep understanding of logging components and capabilities
• Strong interpersonal and leadership skills to influence and build credibility as a leader
• Possess a demonstrated sense of urgency with the ability to perform well under pressure
• Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to different (including executive) audiences
• Bachelor's degree in computer science, information systems, or a related technical discipline or equivalent professional experience directly related to information security, cyber, or computer network defense
• Relevant security related certifications a plus: CISSP, GCIA, CEH, GSEC, GCIH, GCED, GCFA