In this position, you will be tasked with setting up scans, investigating emerging threats, performing risk assessments, managing the remediation of identified risks, and reporting on compliance levels while identifying areas for improvement across the organisation. Given the rapidly expanding technological environment and evolving threat landscape, this role demands a proactive, quick learner who is meticulous and well-organised.
You will collaborate with various teams to effectively communicate and address risks, while advocating for the adoption of secure technologies that align with established security standards.
Role Objectives:
* Triage vulnerability alerts from security tools, external intelligence providers, penetration tests, and user-reported findings to assess impact to the organisation.
* Configure network, infrastructure, and/or application vulnerability scans and policy checks and conduct manual testing as needed to validate findings.
* Liaise with various business units to conduct vulnerability assessments, consult on risk reduction strategies, and supervise remediation such that vulnerabilities are addressed within required time-lines.
* Conduct attack surface risk modelling and articulate high-risk areas to stakeholders in collaboration with Threat Intelligence and Threat Hunting functions.
* Assist in production of periodic vulnerability management reports and statistics for management.
* Tune vulnerability management tools to increase coverage, reduce false positives and false negatives, and improve processes.
* Liaise with Optimisation team to set up detection’s and mitigation’s i.e., Intrusion Prevention Systems, ensuring we have signatures in place to protect us from relevant threats.
Qualifications And Skills:
* 2+ years of security, IT, compliance, audit, risk management, consulting, or application development experience.
* Bachelor of Information Technology, Computer Science, or similar preferable.
* Strong understanding of MITRE ATT&CK framework.
* In-depth knowledge of network and web-based attacks
* Diligent, proactive, and strong attention to detail.
* Ability to work with large data sets, multi-task, and effectively prioritise tasks.
* Strong critical analysis and problem-solving abilities.
* Strong interpersonal and communication skills (written and verbal).
* Ability to multi-task and remain productive in a service-driven and results oriented environment.
* Demonstrated strong organisational, analytical, and problem-solving skills.
* Ability to script tasks and automate processes is a plus.
Working knowledge of cloud technologies and containerised environments is a plus.
#J-18808-Ljbffr