Attack Surface Management Manager

Experian Cyber Fusion Centre are looking for a new Manager of Attack Surface Management (ASM) to play a crucial role in our cybersecurity strategy.

You will guide the success of the Continuous Threat Exposure Management (CTEM) program and build business engagement across global teams. You will ensure CTEM delivers reliable applicable insights by defining and maintaining processes integrating services with enterprise systems.

Equally critical is leading the Business Engagement Team to establish trusted partnerships with regional infrastructure and application partners aligning vulnerability management strategies with priorities. Through technical leadership and strategic influence you will strengthen Experians security posture and reduce risk across its global attack surface.

This is an UK based remote position reporting to the Information Security Director for Cloud and Attack Surface Management.

Primary Focus:-

Lead CTEM Service Delivery: Manage processes for the Continuous Threat Exposure Management (CTEM) service and its provider. Ensure integration with Experian systems delivering reliable and applicable security insights that inform risk reduction across the enterprise.

Business Engagement: You will manage the Business Engagement Team and Service providing expertise and strategic direction. Cultivate partnerships with regional infrastructure and application teams to ensure the vulnerability management strategy is understood agreed upon and implemented.

Other Responsibilities:-

• Maintain risk stratification model to guide vulnerability prioritization based on threat and asset criticality; Identify vulnerability prioritization and asset coverage trends escalating to senior leadership when vulnerability trends are not improving over time.
• Help with response to cybersecurity incidents or threat informed actions ensuring accurate identification of applicable internal and external risks. Will use a broad and diverse combination of tools techniques and data sources to support highest confidence in attack surface discovery.
• Guide team members daily project and operational activities
• Contribute to security and technology strategic planning to mature our programmes
• Work with Risk & Compliance teams on SOC 2 PCI DSS HIPAA and other audits.
• Research and recommend policy and procedures as they relate to Attack Surface Management

Qualifications :

• Expert experience supporting Attack Surface Management in vulnerability remediation and mitigation as it applies to the following.
  • Common web applications APIs misconfigurations hosts mobile Internet of Things endpoints infrastructure cloud network appliance OS firmware and software supply-chain.
• Management experience in an enterprise-level cybersecurity function.
• Experience engaging and presenting security topics at senior levels in an enterprise organization
• Experience managing Risk-Based Vulnerability Management models.
• In-depth knowledge of architecture engineering and operations of one or more vulnerability management tools such as: Qualys Rapid7 Tanium Axonius Armis or other.
• Experience applying the following models to an enterprise security program: CMMI ISO/IEC 2700 OWASP SAMM NIST SMM SANS Security Maturity Model.
• Experience developing security reports trends and metrics analysis.
• Experience with the application of some of the following frameworks - SANS NIST 800-61 CVSS CIS OSSTM ISO 27001 MITRE ATT&CK PCI HIPAA GDPR or similar.
• Experience with cloud security practices
• Experience with business and technical requirements analysis business process modeling/mapping methodology development and data mapping

Additional Information :

Benefits package includes:

• Great compensation package and discretionary bonus plan
• Core benefits include pension bupa healthcare sharesave scheme and more
• 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experians DNA and practices and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work irrespective of their gender ethnicity religion colour sexuality physical ability or age. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here

Remote Work :

Yes

Employment Type :

Full-time