Listing Description
Act as an adviser for the risk management group supporting them to properly size and integrate the cybervsecurity risk into the global enterprise risk management.
Provide vision, strategy, project management, and innovation for the vulnerability management functions at AES, expanding the capabilities of the company year over year
Develop a five years strategic road map with a vulnerability management maturity milestones based on enterprise risk reduction
Develop and coach the functions manager/lead to in their roles
Create a human resource plan to support the maturity road map cycle with the respective job descriptions and lined up to the hiring process in order to have the right resource available when starting a new workstream for the vulnerability management program.
Support the workstream managers/lead developing them and creating a career path for each of key roles
Manage vulnerability management program supervising the scanning functions, code review, firewall review ensuring regular scanning and review of assets and applications to identify network, infrastructure, and configuration vulnerabilities
Engage with leadership throughout IT and business owner organizations to continuously enhance and communicate the importance of vulnerability remediation from a technical perspective
Determine a method or system for consistent tracking and review of open vulnerabilities
Build and develop a summary monthly report identifying all vulnerabilities, manage metrics, and support their remediation to better protect the AES technology infrastructure
Responsible for architecting, building, deploying and maintaining the vulnerability management infrastructure within the organization
Promotes expansion of vulnerability management scope into new environments and businesses according AES long term strategy
Oversees and performs analysis of vulnerability results
Works to identify asset owners for vulnerable devices
Develops risk based remediation plans for vulnerabilities, prioritizing priorities for responsible teams
Provides consultative services to business leaders on risk related vulnerabilities
Develops and coordinates containment plans for newly identified vulnerabilities that may create a risk for the organization2+ years of experience as a manager with emphasis on Vulnerability manager role and technical solutions highly preferred
At least two years of experience with vulnerability management and remediation
7+ years of cyber security experience specifically working in the information security field
Knowledge of network infrastructure technology
Understanding of complex process flows and decision matrices
Technical knowledge of infrastructure and network and system vulnerability vulnerabilities
Good understanding of Information Security standards, frameworks, and best practices
People management and leadership skills
Effective Program Management skills
Expertise in relationship building with partners
Exemplary interpersonal communications (both written and verbal) skills
Ability to lead by example and influence change
Experience with vulnerability scanning tools, such as Qualys, Nessus, Rapid7, etc.
Experience in building or developing a vulnerability management program
Must be legally authorized to work in the United States for any employer without sponsorship
Listing Details
- Salary: $130000 - $150000
- Citizenship: No Requirements
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: Travel 25
- Telework: Optional Telecommute