Vulnerability Management Analyst
Vulnerability Management Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Division
As a global critical financial infrastructure the protection of Euroclear information and assets is fundamental to the companys business. Security is at the core of our services firmly embedded in the management systems and processes of the company. You will be joining our CISO division in charge of putting in place the required controls to adequately and effectively protect our information assets.
You will join the Offensive Security Centerthat manages and coordinates:
- Penetration testing
- Red team Exercises
- Purple team Exercises
- Staticand DynamicCode Analysis
- Vulnerability Management
The main responsibilities:
- Support Vulnerability prioritisation with analysis and assessment of vulnerability and configuration compliance data; identify high risk vulnerabilities or false positives
- Actively contribute to the configuration of the detection tool to the permanent quality assessment of this configuration and of linked processes; in this context you proactively identify potential gaps and propose remediations when needed
- Create / maintain necessary documentation and procedures.
- Assist in findings clarifications for trends in vulnerability scan results and for (active) threats requiring investigation.
- Monitor vulnerabilities identified by internal and external scanning and other vulnerability detection tools.
- Collaborate and exchange relevant information with relevant teams like Threat Intel team Pentest team Application Security team or Customer Risk team.
- Collaborate with Patch Orchestration Team to get insights and assurance on highriskremediation.
- Assist in highrisk vulnerability assessments (in collaboration with the Threat Intelligence team and Risk Management)
- Collaborate with the Security Exception Review Board to provide expertise on vulnerability exception requests made by Product Owners and manage exceptions
- Provide on demand information to stakeholders
In this role you will come in contact with the endtoend process from vulnerability detection to remediation. Within the team your focus will be on
1) participating to the configuration of the tools mainly (but not only) for compliance checks (automation of some TSB CIS baselines); make sure that operational activities related to those checks are properly documented and executed
2) performing vulnerability and threat assessments mainly in collaboration with the Cyber Threat Management team as well as the Pentest team
3) acting as an expert sharing your knowledge with the team and delivering expert advice to the Security Exception Review Board. You will work in a team of motivated vulnerability intelligence analysts who will support you asneeded.
The ideal candidate also has good logical reasoning skills. He has experience in any of the following domains: vulnerability management penetration testing SAST DAST threat intelligence or has a strong interest with a relevant background and holds relevant certifications or is willing to obtain certifications.
Technical skills
- Good understanding of security practices and risk management
- Basic understanding of Network security Unix/Linux and Windows Operating Systems and general security practices (proven experience in these domains is a plus)
- Hands on experience with Rapid7 InsightVM is a plus
- Python scripting / Ansible are a plus
- Experience in auditing is a plus
- CISSP GIAC CEH COMPTIA or other relevant security certification is a plus
Soft skills
- Customer friendliness is important as you will have interactions with various stakeholders on different levels.
- Proactiveness monitor quality of what we deliver and identify improvements where needed ensure qualitative documentation be transparent on difficulties you encounter keep track of your tasks and report proactively on status...
- Analytical; Be able to analyze complex data identify priority solutions to implement and vulnerabilities to remediate. Gain understanding of threat levels.
- Teamplayer; in this role you will closely work together with the other members of your team. As such an open respectful and constructive communication is required and willingness to work towards the common team goals as first priority.
- Be a good communicator in English both verbal and written
- Be able to work independently responsibly and professionally with highly confidential information.
#LINS1
Required Experience:
IC
Employment Type
Full Time
