• IdealStaffs

Vulnerability Management Specialist (Valencia/REMOTE)

Client: United Nations

Location: Valencia or REMOTE only CET +1/2 Time zone

Position: Consultant

State: ASAP

End of Application: 20th May 2022



To apply for this position, please send your resume at office@idealstaffs.com referencing the job title.


IdealStaffs Consulting is looking for a Vulnerability Management Specialist to:

  • Ensure the ongoing effective operation of the vulnerability management platform,

  • Prioritize vulnerabilities in the environment,

  • Communicate vulnerability status to stakeholders, and

  • Ensures effective integration with other tools and systems in the customer environment.


Duties and responsibilities:

  • Works within client's Security team, interacting directly with both internal and external stakeholders to address issues related to remediation of vulnerability scanning and security assessment.

  • Communicate recommendations for system improvements and ensure that the operational processes for mitigating risk due to vulnerabilities are functioning and enhanced.

  • Provide support activities focused on helping key stakeholders understand their vulnerability results, providing guidance on the remediation, and evaluating false positives.

  • Manages vulnerability platform, license utilization, agent deployments, system components, and integrations.

  • Develop vulnerability reports and dashboards to provide new insight into existing vulnerabilities.

  • Implement various levels of automation among tools in the SOC’s cyber security ecosystem and/or the client's infrastructure to improve the effectiveness and efficiency of vulnerability management.

  • Routinely analyze and update cybersecurity documentation, including security policies, plans, and procedures.

  • Conduct vulnerability scanning and assessment functions relating to various clients, environments, technologies, systems and contexts.

  • Perform other related duties and fulfil responsibilities as required.


Essential Knowledge and Skills:

  • Strong analytical and problem-solving skills.

  • Ability to act calmly and competently in high-pressure, high-stress situations.

  • Excellent written and verbal communication skills, interpersonal and collaborative skills.

  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.

  • High level of initiative, accountability, attention to detail, ability to follow processes and to work with little supervision.

  • Proactive, flexible attitude to work with a willingness to constantly review and improve skills and process.

  • Scripting experience, mainly Python scripting.


Desirable Knowledge and Skills:

  • Experience in working in a distributed multi-cultural environment.

  • Project management skills and ability to manage multiple projects under strict timelines.


Essential Education:

  • Graduation from secondary school supplemented by specialized training and work experience in Cyber security/IT Security.


Desirable Education:

  • Bachelor's degree in Computer Science, Engineering or equivalent work experience required.

  • GCIH, GCIA, GPEN, GWAPT, GAWN, GMOB, OSCP, OSEP, OSWP, OSWE, OSCE, CISSP, CCSP, ITIL Certifications.


Essential Experience:

  • +5 years of relevant IT experience with at least 3 of those years in vulnerability management.

  • Proven experience with network vulnerability scanning and vulnerability management products (e.g. Qualys Guard, Rapid7, Nessus).

  • Proven experience with web application security testing tools (e.g. Burp Suite, NetSparker, Paros, Acunetix, Qualys WAS).

  • Proven experience with configuration management/ hardening tools based on CIS Benchmarks (e.g. CIS-CAT Pro, Qualys SCA App, Nessus audit files etc…)

  • Strong working knowledge of UNIX/Linux and Windows operating systems including web server technologies like IIS, Apache.

  • Knowledge of IT security architecture/infrastructure best practices for both on premise and cloud environments.

  • Knowledge of public-key cryptography, encoding, encryption, and hashing techniques.

  • Knowledge of IT security / hardening best practices; including but not limited to operating systems, web applications, and network devices.


Desirable Experience:

  • Experience in implementing cyber security controls to achieve compliance with ISO 27001 and other cyber security control frameworks.


Languages:

  • Expert knowledge of English is required.

  • Knowledge of another UN language is desirable.



To apply for this position, please send your resume at office@idealstaffs.com referencing the job title.



433 views0 comments