Vulnerability Management Resume Samples

4.5 (108 votes) for Vulnerability Management Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the vulnerability management job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
BK
B Kerluke
Bettie
Kerluke
919 Gerlach Square
Detroit
MI
+1 (555) 137 3077
919 Gerlach Square
Detroit
MI
Phone
p +1 (555) 137 3077
Experience Experience
Dallas, TX
Senior Threat Vulnerability Management
Dallas, TX
Keebler-Prohaska
Dallas, TX
Senior Threat Vulnerability Management
  • Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
  • Help build/improve an exception process to manage policy compliance deviation
  • Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
  • Working knowledge in RegEx
  • In-depth knowledge of network appliances (Firewalls, router & switches)
  • Work with technology owners to validate the policy compliance profiles
  • Perform policy compliance scans and deliver reports to the technology owners
Detroit, MI
Senior Manager, Vulnerability Management
Detroit, MI
Kutch LLC
Detroit, MI
Senior Manager, Vulnerability Management
  • Effective as an individual contributor, working in teams, building consensus, working in a matrixed environment
  • Background in IT development, engineering, operations, or some combination thereof
  • Keeps abreast of industry best practices, vendor capabilities and academic frameworks to sustain best-in-class program
  • 3+ years working in information security
  • Moderate (mid-career) working proficiency across all major domains of information security
  • Supports the budget and resource forecasting process
  • Partner and collaborate with business and technology teams to provide security expertise as the business teams develop remediation solutions for security threats and vulnerabilities
present
Chicago, IL
Cybersecurity Vulnerability Management Lead
Chicago, IL
Lakin-Carroll
present
Chicago, IL
Cybersecurity Vulnerability Management Lead
present
  • Develop long term relationships and partnerships with other enabling teams (i.e. other firmwide technical teams)
  • Proactively manage relationships with stakeholders through effective communication, including interactions with EDs and MDs on a regular basis
  • Assimilate technical data, work with large datasets and translate into layman terms
  • Employ defense-in-depth principles along the kill chain to eliminate risk and vulnerabilities and improve security controls
  • Works with LOB representatives to ensure remediation efforts adhere to corporate policies
  • Provide best security practices and implementations of these concepts across complex environments
  • Interface with and support the work of the Cybersecurity GRC Risk and Control teams, and contribute to overall Cybersecurity GRC goals and objectives
Education Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
Ball State University
Bachelor’s Degree in Computer Science
Skills Skills
  • Ability to think strategically, work with a sense of urgency and attention to detail
  • Demonstrated ability to be reliable and flexible
  • Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks
  • Strong interpersonal and customer skills including incident resolution, response and escalation
  • Flexible and adaptable in response to changing demands
  • Excellent written and verbal communication and organizational skills
  • People management experience would be an added advantage
  • Experience in a fast paced, high stress environment
  • Experience assisting the development and maintenance of tools, procedures, and documentation
  • Demonstrated analytical, problem solving, and prioritization skills
Create a Resume in Minutes

15 Vulnerability Management resume templates

1

Threat & Vulnerability Management Resume Examples & Samples

  • Perform daily operational monitoring, analysis and reporting of security events from multiple Security Information Monitoring tools and methods for malicious or suspicious activity
  • Communicate and escalate issues and incidents as required by process or management
  • The creation of custom scripts, alerts and processes based on security events and threats
  • Collaborate with CCB Cyber Security, Global Technology Infrastructure, Corporate Cyber teams, and Line of Business Information Risk Management teams for issue resolution and mitigation
  • Document actions taken within approved event tracking systems
  • Work with CCB Cyber Security teams on control testing, validation and recertification
  • Support innovation and enhancement efforts within the CCB Cyber Security function. Qualifications
  • Experience assisting the development and maintenance of tools, procedures, and documentation
  • Experience in a fast paced, high stress environment
  • Ability to think strategically, work with a sense of urgency and attention to detail
  • Demonstrated ability to be reliable and flexible
  • Demonstrated analytical, problem solving, and prioritization skills
  • Network, Security, or Platform certification(s) (S , N , MCSP, CNA)
  • CISSP or SANS GIAC GCIA certification
2

Vulnerability Management Lead Resume Examples & Samples

  • Establish a single framework that allows us to more towards one vulnerability management process which is leveraged by all assessment methodologies
  • Accomplish real-time security vulnerability management to identify and prioritize vulnerabilities
  • Respond to and address prioritized vulnerabilities
3

Vulnerability Management Resume Examples & Samples

  • Establish a Risk Management Framework that will be used to assess vulnerabilities against AOL systems to determine risk level and mitigation strategy
  • Plan, develop, and execute vulnerability scans of organization information systems
  • Analyze data from threat and vulnerability feeds and analyze data for applicability to the AOL environment
  • Monitor for and review vendor patches for applicability and impact to AOL network and systems
  • Identify and resolve false positive findings in assessment results
  • Manages enterprise vulnerability assessments and configuration patch and vulnerability scanning tools
  • Generate reports on assessment findings/patch compliance and summarize information to facilitate remediation tasks
  • Manage risk by analyzing technology security threats and potential impacts to the business and help define solutions to mitigate exposure by leveraging expert analytical and technical skills
  • Build and maintain a comprehensive process to care for all vulnerabilities that impact AOL business process
  • Respond to & manage remediation of prioritized vulnerabilities and unpatched systems
  • Develop a clear picture of the risks against our assets, business areas, brands
  • Provide critical analyses and information from vulnerability data which can be leveraged to enhance the security of our products
  • Work closely with Security Awareness contact to socialize awareness of new vulnerabilities and threats by leveraging threat alerting services and industry research
  • Manage tracking and remediation of vulnerabilities by leveraging agreed upon action plans and timelines with responsible technology developers and support teams
4

CND Vulnerability Management Lead Resume Examples & Samples

  • Day-to-Day management of team operations
  • Oversight of the vulnerability management process
  • Management of the vulnerability scanning process
  • Creation of technically detailed reports on the status of Information Assurance Vulnerability Alerts (IAVA), Information Assurance Vulnerability Bulletins (IAVABs), Host Based System Security information (HBSS), and current threats based on open source information
  • Provides recommendations on improving the security posture of the client’s enterprise
  • Assist in troubleshooting and problem solving a wide variety of client issues
  • Ability to maintain an active clearance
  • Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, professional training, or work experience
  • DOD 8570 Compliance, or the ability to quickly obtain the security certifications: Security+, and CEH
  • Minimum of ten years vulnerability management experience
  • Experience in the following technologies: Vulnerability Scanner, Vulnerability Management System, Host Based Security System, Patch Management, and Intrusion Detection/Prevention
  • Experience in developing, refining, and performing vulnerability management at an enterprise level
  • Ability to demonstrate strong knowledge of computer security concepts
  • Demonstrated ability to document processes and procedures
  • Initiative and a personal interest in Information Technology Security
  • People skills, and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA) or GIAC Certified Network Auditor
  • Security Operations Center (SOC) experience
  • Prior experience with tools such as DISA Assured Compliance Assessment Solutions (ACAS), eEye Retina and Retina Enterprise Manager (REM), DISA Vulnerability Management System (VMS) and CORE Impact
  • Experience United States Cyber Command guidance on vulnerability management tactics, techniques, and procedures (TTPs)
  • An understanding of DOD information assurance policy and regulations
5

Vulnerability Management Director Resume Examples & Samples

  • Implement the enterprise-wide strategic Attack Surface Recon program under the direction of the Sr. Director, Attack Surface Management with an emphasis on creating a mature program with established key initiatives/projects focused on the reduction of technology risk within Visa
  • Operate as a Subject Matter Expert within the field
  • Lead and develop a team of direct reports
  • Develop solutions and solve complex/unique problems w/ regard to Visa’s Attack Surface
  • Be expected to regularly make decisions that impact the implementation of plans to achieve annual goals. Decision-making is a key activity associated with this role
  • Develop departmental plans, including business, production and/or organizational priorities and contribute to the development of the overall Attack Surface Management functional strategy
  • Work with IT and business teams to develop solutions that address root causes
  • Enhance existing Vulnerability Management, and Security Dashboard tools and processes to extend coverage, increase effectiveness and expand capabilities
  • Assist in the continued development of a world class Security Single Pane of Glass for Metrics, Reporting, Workflow, and Operational use of all relevant Attack Surface information
  • Work with diverse IT and business teams to assist in developing solutions to remediate identified vulnerabilities and misconfigurations in a risk prioritized, effective and efficient fashion
  • Prioritize and implement process and tools to provide for the continuous analysis of security threat information (viruses, industry events, hackers and zero day exploits, OEM weaknesses, etc.) in order to proactively assess and investigate existing as well as emerging vulnerabilities and their potential impact to Visa
  • Coordinate technical aspects of vulnerability response in support of Audit, Legal, Human Resources, Corporate Security and Executives
  • Leadership in the continued evolution of a data model and data architecture to support the Vulnerability Management Program; devise and implement key risk indicators, metrics and reporting across all vectors with the goal of identifying current threats and Visa’s ability to defend against those threats
  • Possess the ability to effectively identify, evaluate and communicate new and ongoing security issues and risks to senior management
  • Minimum Bachelor’s Degree in Computer Science (or related field) or equivalent work experience
  • 12-15 years of experience in Information Security with experience in vulnerability management, security configurations management, metrics and risk dashboards
  • Should have leadership experience of both direct and cross functional teams, as a well as possess strong technical security skills and comprehension of security and risk
  • Be able to manage complex projects and diverse teams of both direct and indirect reports
  • Familiarity with Vulnerability Management tools such as Qualys QualysGuard, nCircle IP360, McAfee Foundstone, Tenable Nessus, etc
  • Familiar with Policy Compliance tools such as Qualys QualysGuard, Symantec CCS, Microsoft SCM, etc
  • Familiar with Web Application Scanning tools such as WhiteHat, IBM Appscan, HP WebInspect, etc
  • Familiar with Security Single Pane of Glass implementations or frameworks such as RSA Archer, Modulo, Risk I/O, etc
  • Extensive knowledge and experience with diverse IT architectures and enterprise IT data centers, large scale transaction processing environments, external hosted services and cloud computing environments. Extensive knowledge and experience with physical and virtual server configurations and implementations
  • Extensive experience working with
  • Security management tools (i.e. vulnerability scanners, file integrity monitoring, configuration monitoring, etc.)
  • Perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.)
  • Extensive knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)
  • Knowledge of and experience with applying Common Weakness Enumeration (CWE), Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVS and Open Web Application Security Project (OWASP) processes and remediation recommendations
  • Strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, database and application servers, for both custom and off the shelf applications
  • Must be both a self-starter and team player with the ability to work independently with limited supervision
  • Excellent writing and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively
  • Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines
  • Security-related certifications a plus
6

Vulnerability Management Lead Resume Examples & Samples

  • Work with computer operations to define standard operating system builds and configurations and develop effective build maintenance processes
  • Investigate solutions to automate server build, configuration and vulnerability patching
  • Maintain knowledge of in-the-wild vulnerability exploitation techniques, assess risk to enterprise and prioritize remediation
  • Develop long term server integrity strategies and solutions
  • Previous management experience in global organization
  • Strong ability to drive change in an organization
  • Abilities to create and implement processes that can scale
  • Familiarity with good security practices and implementation of these concepts in various scenarios
  • Ability to craft presentations and updates for senior management
7

Vulnerability Management Resume Examples & Samples

  • Assesses Security Advisories from multiple sources
  • Determines appropriate CVSS scoring
  • Serve as a technical escalation point for VM analysts
  • Owns the end to end process and works with engineering on the tools to enable the remediation of cyber vulnerabilities to the Firm
  • Minimum of five years experience with solid and demonstrable comprehension of Information Security including vulnerability & compliance tools and processes, associated vulnerabilities, awareness of emerging threats and attacks mapped to effective controls and/or Mitigation solutions
  • Multiple event correlation/analysis
  • Solid and demonstrable comprehension of end to end Vulnerability Management to include industry standards such as CVE, CPE, CVSS
  • Sound awareness of leading vendor products/applications from Oracle [Java], Adobe and Microsoft to include product lifecycle & release schedules
  • Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, mainframe, database
  • Design and implementation experience of Operational process/workflow
  • Experience in large scale Enterprise technology environments
  • Experience assisting the resolution of customer escalations, incident handling, and response
  • Exposure to Regulatory & Audit compliance management
  • Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources
  • Previous experience with remote team management
  • Demonstrable strong leadership skills
  • Previous 24 x 7 operations experience
8

AVP, Vulnerability Management Resume Examples & Samples

  • Lead and mentor Security Analysts and Engineers in pursuit of team objectives
  • Manage and implement Vulnerability Management tools and processes
  • Partner with other technical areas where necessary to ensure the vulnerabilities are understood
  • Identify and integrate with asset inventories
  • Perform analysis of the vulnerability scan results
  • Identify false positives
  • Provide remediation recommendations
  • Perform scans when required; scheduled and on demand
  • Engage relevant service delivery teams as required
  • Manage issues using issue tracking tools
  • Assist in security incident response when required
  • Participate in audits and assessments, providing evidence and supporting documentation
9

Vulnerability Management Resume Examples & Samples

  • Works with multiple data sources and inventory to assess impact
  • Articulates exposure and coordinates Mitigation solutions
  • Works with Cyber Engineering and Security Operations to implement Mitigation solutions and establish monitoring
  • Provides constant situational awareness
  • Solid and demonstrable comprehension of Information Security including vulnerability & compliance tools and processes, associated vulnerabilities, awareness of emerging threats and attacks mapped to effective controls and/or Mitigation solutions
  • Ability to assess and mine using data with correlation and analysis
  • Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, mainframe, database,
10

Vulnerability Management SME Resume Examples & Samples

  • Minimum 3 year experience of working on Server OS Administration (Wintel + Unix + Linux)
  • Minimum 2 year experience on managing Patching / Vulnerability Management
  • Familiar with basic concepts of patching tools (BMC, IBM, Wsus or other)
  • Minimum 1 year experience on client facing roles
11

Senior Manager, Vulnerability Management Resume Examples & Samples

  • Background in IT development, engineering, operations, or some combination thereof
  • 3+ years working in information security
  • 5+ years working experience across IT and information security
  • Moderate (mid-career) working proficiency across all major domains of information security
  • BS or MS in Computer Science, Computer Engineering, Electrical Engineering, or related field; or BBA, MBA, or MIS and demonstrated significant prior work experience in the information security field
  • Demonstrated significant prior experience managing teams, projects, and/or programs
  • Demonstrated significant prior experience managing project scope, schedule, and cost, including basic finance, forecasting, and budgeting
  • Effective as an individual contributor, working in teams, building consensus, working in a matrixed environment
  • Effective communicator spoken, written, and visual media. Can readily distill and convey important technical concepts to less- (or non-) technical stakeholders
  • Able tohandle sensitive matters with the utmost discretion
  • Technical competence in network security, wireless security, database security, web and mobile application security, data protection, encryption, authentication, identity & access management, and the internet of things
  • Previous experience conducting or managing penetration tests, vulnerability scans, and the like
  • Previous experience with information security risk governance and vulnerability management processes
  • Previous knowledge of XFINITY Home and/or Comcast IT environments
  • Previous work on security systems or other hybrid physical / cyber security environments
  • Previous experience working with Comcast central information security department (IIS)
12

Vulnerability Management Lead-cybersecurity Resume Examples & Samples

  • Works with larger team to identify exposure, vulnerability assessment, and root cause of systemic issues leading to presence of vulnerabilities/hygiene issues
  • Configure and run automated vulnerability scanning tools, prioritize remediation, and track exceptions
  • Respond to and manage the results of third party server penetration tests
  • Develop and maintain server software inventories and manage application whitelisting solutions
  • Investigate, recommend and deploy virtual patching solutions
  • Communicate compliance issues to IT managers in an effective and appropriate manner
  • Report on information security metrics to demonstrate operating system integrity effectiveness and generally support Governance, Risk and Compliance activities as required
  • Excellent relationship/partnering skills with other enabling teams (i.e. other firm wide technical teams)
  • Ability to assimilate technical and voluminous data and translate into layman terms
  • Ability to work well under pressure and juggle multiple priorities
13

Cybersecurity Vulnerability Management Lead Resume Examples & Samples

  • Drives and coordinates timely remediation of security vulnerabilities across Line of Business functions
  • Works with LOB representatives to ensure remediation efforts adhere to corporate policies
  • Coordinates remediation of specific high visibility, critical vulnerabilities as detailed by the Service Delivery Lead
  • Support a wide variety of Cybersecurity initiatives within the Vulnerability Management/Risk Management arena
  • Utilize security / vulnerability scanning tools including Qualys and Symantec ESM
  • Support senior leadership enterprise-wide through both verbal and written communications
  • Develop long term relationships and partnerships with other enabling teams (i.e. other firmwide technical teams)
  • Provide strong project management efforts while able to take the initiative, work under pressure to deadlines, and to juggle multiple priorities
  • Provide best security practices and implementations of these concepts across complex environments
  • Assimilate technical data, work with large datasets and translate into layman terms
  • Comprehend and breakdown complex technical vulnerabilities
  • Communicate in a persuasive manner with diverse personnel at all levels of the organization
  • Experience within the Vulnerability Management/Risk Management arena
  • Good understanding of technology concepts across Windows, UNIX, Database (Oracle, MS SQL, Sybase) and Web
  • Good understanding of security / vulnerability scanning tools (eg. Qualys, Symantec ESM)
  • Strong project management/organizational skills
  • Able to take the initiative, work under pressure to deadlines, able to juggle multiple priorities
  • Good understanding of technology concepts
  • Familiarity with good security practices and implementation of these concepts across complex environments
  • Ability to assimilate technical data, work with large datasets and translate into layman terms
  • Strong attention to detail and data accuracy when undertaking data analysis
  • Self-motivated and operates with a high sense of urgency and a high level of integrity
  • Able to understand and breakdown complex problems
  • Current Certified Information Systems Security Professional (CISSP) or GIAC Security Essentials (GSEC) certification
  • Experience managing physical and/or virtual security programs on a broad scale
14

Enterprise Vulnerability Management Lead Resume Examples & Samples

  • Manage and direct contract support resources to efficiently facilitate the mitigation of system vulnerabilities
  • Influence system owners, IT custodians, and operations support teams to understand vulnerability impact and implement vulnerability mitigations in the most expedient manner possible
  • When needed, identify acceptable workarounds, solutions or exceptions to vulnerabilities that do not have straightforward mitigations (such as an OS patch or update)
  • Quickly discern accuracy of reported vulnerabilities disposition and when appropriate reprioritize criticality, remove false positives and work to address root cause of misaligned dispositions
  • Manage multiple different vulnerability mitigation projects in various states from targeted cleanup “sprints” to recurring ongoing vulnerability sweeps
  • Seek, share and implement best practices with the other internal business EVM leaders and potentially external industry partners
  • Identify and implement opportunities for continuous improvement of the EVM program
  • Provide thought leadership and direction on state-of-the-art EVM programs
  • Effectively lead, coach and mentor across all levels of workers from team members to contract resources to organizational peers to leadership to effectively bring about a world-class EVM program
  • Excellent communication, negotiating and influencing skills at all levels of the organization as well as with external organizations
  • Build a strong customer focused culture that focuses on delivering solutions in a productive, efficient manner, working across technologies and geographies
  • BS, BA, MSC or MBA in engineering, information technology, computer science or related technical field or equivalent
  • Strong, broad knowledge of enterprise platforms, enterprise systems, and enterprise client environments including but not limited to Windows, Linux, Solaris, Oracle, Apache, IIS, JBOSS, Java, Adobe, etc
  • Relevant professional experience leading an enterprise vulnerability management program preferably with strong hands-on technical solutions support for large and diverse user communities
  • Outstanding organizational, presentation & communication (oral & written) skills, fluent in English
  • Strong ownership and accountability with proven track record of execution
  • Budget & resource management experience
  • Hands on familiarity with network based vulnerability scanners such as Qualys and Veracode
  • Excellent networking skills and ability to work effectively in matrix organization
  • Demonstrated project ownership and accountability
  • Ability to learn complex systems and business processes and define requirements for solutions Self-starter & quick learner
15

Senior Threat Vulnerability Management Resume Examples & Samples

  • Responsible for defining, ratifying and maintaining a formal Threat & Vulnerability Management Program; and framework that defines the vulnerability priorities aligned with business criticality
  • Responsible for providing governance, guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation
  • Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
  • Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
  • Translate Technical Security Standards into policy compliance profiles in enterprise security tool
  • Work with technology owners to validate the policy compliance profiles
  • Review the policy compliance scan results with stake holders
  • Onboard the assets for target technologies in enterprise security tool
  • Create required authentication records for target technology assets in enterprise security tool
  • Perform policy compliance scans and deliver reports to the technology owners
  • Help build/improve an exception process to manage policy compliance deviation
  • Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response
  • Responsible for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures; and to manage the TVM Team to develop and update as appropriate
  • Be able to engage with, and manage vendor contracts related to external threat intelligence and threat mitigation services
  • Bachelor's Degree in Business, Management, Computer Sciences, or equivalent prior work experience in a related field
  • Five to seven years of experience in Qualys policy compliance and vulnerability management
  • Exposure to Qualys APIs
  • Knowledge of scripting languages like python and Perl
  • Understanding of CIS-Benchmark and NIST framework
  • Working knowledge in RegEx
  • In-depth knowledge of operating systems security configuration (Windows servers and workstations, AIX/Linux/Solaris, and Apple MAC)
  • In-depth knowledge of network appliances (Firewalls, router & switches)
  • In-depth knowledge of databases security configuration (Oracle, DB2, Microsoft SQL, MySQL)
  • Strong analytical skills (i.e., technical and non-technical problem solving skills)
  • Maintain certifications in an information security related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN
  • Outstanding oral and written communications skills. This includes the ability to make formal stand-up presentations to all levels of management, etc
16

Deloitte, Vulnerability Management Resume Examples & Samples

  • Weekly & monthly reporting of vulnerabilities and risk priorities to clients
  • Ensure all VM scans are kept accurate and up to date
  • Ensure daily, weekly and monthly checks are carried out accordingly
  • Ensure team mailbox and distribution lists are adequately monitored and responded to in a timely fashion
  • Lead and co-ordinate all client meetings to maintain weekly / monthly governance and compliance for vulnerability management
  • Develop and enhance the regular reporting of current vulnerabilities and associated remediation activities to key clients
  • Conduct regular reviews of the Vulnerability Management service to drive continual service improvement initiatives and support similar initiatives in other areas where they provide a service component
  • Provide insight and risk remediation advice to Patching teams
  • Develop APIs with vendor tools for reporting and insight
  • Promote active collaboration between the teams within the CIC
  • Maintain the relationship with the CIC’s Cyber Check vulnerability 3rd party vendor
  • Engage with other Deloitte member firms to mature the vulnerability management service
  • Be the single point of contact for vulnerability management activities in the CIC
  • Scan the industry for emerging best practices that would allow the CIC to improve its vulnerability management position
  • Have a broader perspective of potential issues encountered when managing diverse teams and the strategies to overcome them; have a clear understanding of the firm’s commitment to creating a more inclusive culture
  • Ability to communicate professionally and effectively in written or oral format
  • Ability to think analytically and solve problems
  • Ability to troubleshoot and resolve network/application/operating system security issues
  • Knowledge and experience with designing, building, supporting, and trouble-shooting vulnerability management technologies in an enterprise environment
  • A working knowledge of the following areas
17

Director of Vulnerability Management Resume Examples & Samples

  • Bachelor's Degree and 12+ years of experience. Master's degree preferred
  • Significant experience running an Information Technology vulnerability management program and working in an Information Technology vulnerability management program as lead analyst or engineer
  • Strong analytical skills; ability to evaluate information, rapidly break it down and arrive at meaningful conclusions
  • Strong communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel and third parties
  • Proven experience leading an IT team in the vulnerability arena
  • Experience with Windows or Unix Administration
  • Experience with vulnerability management solutions and associated GRC components
  • Technical understanding of IP based networks, operating systems, wireless technologies
  • Experience in security system design, deployment or administration
  • Experience with a major vulnerability management framework such as McAfee MVM, Tenable Nessus, Tripwire IP360, Rapid7 Nexpose, Qualys, IBM AppScan, HP WebInspect
18

Cybersecurity Vulnerability Management Resume Examples & Samples

  • Intake, review, and verify security advisories, vulnerability notifications, and other internally generated vulnerability information
  • Provide in-depth analysis of new vulnerabilities and provide recommendations for mitigation and/or remediation in partnership with other engineering and technical teams
  • Participate in development of operational run books and other documentation critical to day-to-day business operations
  • 3+ years information security experience
  • 5+ years of direct, hands-on technical experience in systems/networking administration, system engineering/architecture, security operations, or penetration testing
  • 7+ total years working in information technology
  • Familiarity with vulnerability scanning tools such as Zap, BurpSuite, or Nessus
  • Strong understanding of a variety of technical concepts including: networking, systems administration, application security, viruses/malware behavior, and penetration testing
  • Ability to develop mitigation and/remediation actions based on knowledge of the vulnerability and impacted systems
  • Working knowledge of one or more security frameworks such as the NIST Cyber Security Framework or CIS Critical Security Controls
  • Superior verbal and written communication skills with the ability to understand complex problems while formally presenting them simplistically to a variety of customers
  • Ability to develop strong working relationships with a variety of other enabling teams
19

Senior Manager, Vulnerability Management Resume Examples & Samples

  • Lead a team to communicate known vulnerabilities and threats in the Comcast system and environments to business owners
  • Partner and collaborate with business and technology teams to provide security expertise as the business teams develop remediation solutions for security threats and vulnerabilities
  • Lead initiatives that enhance Comcast's Audit, risk and information security processes within its GRC and Analytics tools
  • Foster a team culture of continuous improvement, mentoring and learning, data driven decisions, and accountability for delivery of key metrics and deliverables
  • Keeps abreast of industry best practices, vendor capabilities and academic frameworks to sustain best-in-class program
  • Effectively manages Managed Security Services resources by ensuring resources are appropriately tasked and delivering against milestones. Escalates skill set issues to MSS Management and recommends corrective action
  • Produces complex, high-priority recurring and ad-hoc reports with the purpose of measuring progress towards goals, measuring performance against objectives, and identifying improvement opportunities in the areas of risk of compliance. Will feed this data directly into the GRC Scorecard
20

Dir Vulnerability Management Resume Examples & Samples

  • A minimum of 5+ years of experience in InfoSec or Cyber vulnerability management role, with large scale, global and complex environments similar to Nike
  • Proven experience setting strategy and direction for Attack Surface Reduction, Vulnerability Management organization, including configuration of assessment tools
  • Running of day to day operations including vulnerability assessments and remediation efforts
  • Generating reports on assessments findings and summarizing to facilitate remediation tasks
  • Recommending security controls and/or corrective actions for mitigating technical and business risk
  • Producing vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
  • Delivering multi-year roadmaps for the Attack Surface Reduction function
  • Leading and managing team of subject matter experts including staffing and direct daily people management
  • Demonstrating ability to perform independent analysis of complex problems and distill relevant findings and root causes
  • Managing contracts with 3rd party vendors including SOW creation, RFPs, and escalations
  • A broad and deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies
  • Experience with cyber threat intelligence handling
  • Strong foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems
  • An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and the associated impact on the organization
  • Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
  • Excellent interpersonal skills and strong verbal and written communication
  • 8 + years of technical experience or Cyber Security
  • Proven management experience leading a globally diverse team
  • Windows, UNIX, Linux, and mobile operating systems
  • Programming Languages, e.g. C, C++, C#, Java, PHP, PERL
  • Scanning tools (e.g. Nexpose, Nessus, Qualys, McAfee, etc.)
  • Computer hardware, middleware, and package systemss
  • Web-based and mobile applications
  • Security frameworks (e.g. ISO 27001/27002, NIST, SOX, PCI, etc.)
  • Vulnerability assessment
  • Metasploit framework
21

RTB Vulnerability Management Resume Examples & Samples

  • Assist Risk Owners to accurately assess the likelihood and impact of technical vulnerabilities
  • Provide accurate and timely data for technical vulnerability reports as per approved standards and processes
  • Consolidate multiple sources of control gaps and vulnerabilities
  • Utilise the BU and Functions Information Asset Registers to and deliver a priority map for vulnerability remediation of production or disaster recovery applications and systems
  • Provide input to Security Solutions for the creation and update of Secure Builds and Secure Building Blocks
  • Management of non-compliances to Information Risk Standards and Policies for the RTB teams on security issues identified
  • Security qualification (CISSP or CISM preferred)
  • Strong relationship, communication and stakeholder management skills
22

Expert Vulnerability Management Lead Resume Examples & Samples

  • Coordinates and manages timely remediation of security vulnerabilities across a variety of technologies
  • Responsible for the technical direction of team members to meet quarterly milestones and objectives
  • Works with business representatives to ensure remediation efforts adhere to corporate standards and policies
  • Provides analysis of remediation actions for both point in time and post event analysis
  • Coordinates remediation of high visibility, critical vulnerabilities in conjunction with senior analysts or senior analyst leads
  • Bachelor's degree in Computer Science, Cyber Security, or related discipline; advanced degree preferred
  • One or more relevant technical security certifications (GIAC, CISSP, CEH etc)
  • 12+ years of professional experience
  • Minimum 5 years professional experience in Information Security
  • Understanding of a variety of technical concepts such as: networking, systems administration, application development, application security, viruses/malware behavior, and penetration testing
  • Experience with business and/or data analytics with the ability to provide qualitative analysis and recommendations
  • Strong organizational and/or project management skills
  • Strong attention to detail, data accuracy, and data analysis
  • Current Security+, Network+ or equivalent experience. Higher level certifications such as GIAC Certified Incident Handler (GCIH) or GIAC Penetration Tester (GPEN) are strongly preferred
  • Experience with AWS or Azure environments
  • Windows Servers, Desktops, Laptops
  • UNIX Servers (Solaris, Red Hat Enterprise)
  • Network Switching and Routing (Cisco, Juniper)
  • Vulnerability/Port scanning solutions such as Nessus, Nmap, Guardium, Imperva, and Nexpose, Qualys, Nessus
  • Familiarity of TCP/IP and associated protocols
23

Director of Threat & Vulnerability Management Resume Examples & Samples

  • Information Security Threat and Vulnerability Management
  • Detailed knowledge of system security vulnerabilities and remediation techniques
  • Expert knowledge of Vulnerability Management Systems such as (Nessus Security Center, Qualys, and Nessus Cloud)
  • Experience with SIEM. Splunk Enterprise tool preferred
  • Understanding of Web application vulnerabilities
  • Knowledge of network topology and enterprise systems
  • Expert knowledge of multiple operating systems, cryptography, Linux/Ubuntu and Windows Server operating systems
  • Self-motivated and detail-oriented with strong technical, analytical, communication and interpersonal skills
  • Experience and ability to handle multiple project with tight deadlines
  • Minimum of 5 years of combined Information Technology and Security experience
  • Minimum of 5 years’ experience in an enterprise company with responsibility for vulnerability management and security incident response
  • Security and Technical Certification: CCNA, CISSP, CISA (preferred.)
24

Patch & Vulnerability Management Resume Examples & Samples

  • 0-1+ year(s) of relevant consulting or industry experience
  • Demonstrated ability to write clearly, succinctly, and in a manner that appeals to a wide audience
  • Proficiency in word processing, spreadsheet, and presentation creation tools, as well as Internet research tools
  • Demonstrated strong understanding of large scale information technology systems, business processes, security regulatory risk management and security vulnerabilities
  • Experience in one or more of the following information security domains
25

Cybersecurity Vulnerability Management Lead Resume Examples & Samples

  • Bachelors’ degree in computer science, information systems or related field; advanced degree preferred
  • 8+ years of overall IT experience preferred
  • 7+ years of technology experience, ideally including experience in the Financial Services and Cybersecurity or related fields
  • Certified Information Security Auditor (CISA) or willingness to pursue
  • Strong working knowledge of operations practices in the context of Cybersecurity
  • Knowledge of what constitutes a cybersecurity attack and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues
  • Keeps technical skills current, able to contribute to in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation
  • Ability to develop and maintain strong partnerships with key stakeholders, and to work across diverse businesses and regions, balancing the needs of multiple organizations
  • Effective negotiation and influencing skills
  • Ability to both learn from colleagues and think outside the box
26

Vulnerability Management Resume Examples & Samples

  • 1+ years of experience with vulnerability analysis and risk management
  • Knowledge of National Institute of Standards and Technology (NIST) SP 800-53 for unclassified systems
  • Ability to produce technical documents
  • Ability to manage multiple assignments, adjust priorities, and meet deadlines based on mission requirements
  • DoD 8570 IAT II or IAM II Certification
  • Experience with creating Standard Operating Procedures (SOPs) or similar deliverables
  • Ability to develop effective working relationships that improve the quality of work products
  • Possession of excellent oral and written technical communication skills
  • Top Secret clearance preferred
  • BA or BS degree in CS, MIS, or other related technical field
  • DoD 8570 IAT III or IAM III Certification
27

Vulnerability Management Expert Resume Examples & Samples

  • Create, monitor, and maintain security baselines based on industry standards
  • Monitor vulnerability and threat feeds that may impact Novartis Implement tuning requests from cyber security stakeholders to ensure tools are providing maximum value Coordinate security technology design with the architecture design area Liaise with other teams in information security & risk management, architecture & infrastructure management as well as business functions to ensure security technologies are in alignment with protection goals. Stay up to date with industry trends and current security practices. Recommend the implementation information security technologies that address specific risks
  • Fluency (written and spoken) in English
  • 5+ years of working experience, 3 of those years with Information Security management Demonstrated experience deploying security technologies at large corporations Experience in reporting to and communicating with management (with and without IT background, with and without in depth risk management background) on information risk topics Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences, and to audiences with a risk management profile as well as those with a less outspoken risk management profile. Excellent understanding and knowledge of general IT application technology, systems and management processes Experience designing IT services, working closely with vendors and making full use of their capabilities Proven experience to initiate and manage projects that will affect other divisions, departments
28

Threat & Vulnerability Management Assosiate Resume Examples & Samples

  • Ability to work under pressure and to tight timescales
  • A detailed understanding of, and experience in, IT security
  • Candidates should be self-directed, innovative, proactive, pragmatic and highly motivated
  • Detailed Windows/*nix operating system knowledge
  • Technical understanding of security products such as firewalls, IDS, and security aspects of underlying operating systems
  • Appreciation of trends in IT security
  • Good understanding of OWASP Top 10
  • System Administration skills
  • Programming/coding Skills
  • Broad interest in Security
  • Able to think outside the box
  • Basic Presentation skills
  • Hands-on support in Projects
29

Cybersecurity Vulnerability Management Resume Examples & Samples

  • Function as the primary point of contact in-region for Vulnerability Management and work directly with the Regional Chief Information Security Officer
  • Directly manage a team of 2-4 analysts responsible for a variety of tasks including vulnerability advisory management, metrics and analytics, and root cause analysis
  • Provide in-depth analysis of new vulnerabilities and provide recommendations for mitigation and/or remediation in partnership with engineering and technical teams
  • Provide operational support and guidance to Global Cybersecurity teams related to vulnerabilities and vulnerability management
  • Develop metrics and analytics on several different types of data related to vulnerability management such as asset inventory, vulnerability scan data, and application security scan data
  • Direct experience with conducting data analytics and conducting root cause analysis based on the data
30

Threat & Vulnerability Management Resume Examples & Samples

  • Hardening Guidelines: Ensures that for all relevant appropriate hardening guidelines are available and adopted to ABB security needs. Works together with the service providers to ensure that the hardening guidelines are implemented
  • Assessment Report Management: Defines the report format, reviews the security configuration reports from the providers, triggers timely provision of reports, requests changes updates etc. Reviews and checks completeness of reporting results and also quality of the provider reports
  • Deviation Management and Exception Hardening: Assesses the reports and risk assesses deviations from expected configuration. Maintains a database of deviations and accepted exceptions
  • Exception Handling: Reviews exception and manages escalation of unaccepted deviations. Works with service providers and InfoSec Risk Management in cases of different assessments of risk
  • Communication: Communicates deviation to the relevant organizations for mitigation and also exceptions to all relevant bodies
  • Management Reporting: Reports the security status in terms of security configuration to the relevant bodies (i.e. InfoSec Management, Service Management)
  • Others: On-boarding of new applications, systems, service providers etc. Integration of new service providers into the Security Configuration Management processes and activities
  • Associates degree and 7 years of IT focus experience with a minimum of 2 years information security experience
  • In-depth security configuration knowledge of two or more of the following: Windows Server OS, Linux Server OS, Cisco iOS, SAP, AIX, SQL, Oracle Databases, or IaaS cloud solutions
  • In-depth knowledge of security configuration baseline documentation such as Center for Internet Security- Security Benchmarks, US Defense Information Systems Agency - Security Technical Implementation Guides, or SANS Top 20 Critical Security Controls
  • In-depth knowledge of ISO 27001/27002 Certification for ISMS, Sarbanes Oxley (SOX) Compliance, and international data privacy laws
  • Quick learner who has a bias for action, self-directed, and decisive
  • Good English language skills (spoken and written)
  • Ability to communicate ABB compliance requirements to technical and business stakeholders
  • Good management skills for interaction with service provider and internal organization
  • Team player & multicultural sensitivity
  • Knowledge of security auditing and vulnerability assessment tools such as RSA Archer, QualysGuard, FireEye Retina, Onapsis, or Rapid 7-Compliance
  • Knowledge of security auditing and vulnerability assessment techniques & methodologies
  • Desired Information Security Certifications such as CASP, CCNA Security, CCSP, CISA, CISSP, or CISM
  • Experience in working in outsourced environments
31

Vulnerability Management Lead Resume Examples & Samples

  • Update and maintain the SOPs for the Vulnerability Management Program
  • Manage the ACAS implementation
  • Conduct vulnerability auditing on 100% of DSS Information Systems with the DISA Assured Compliance Assessment Solution (ACAS), current vulnerability auditing solution, or a combination of solutions. Weekly audits will be delivered to the system owners and on demand audits will be performed on devices not accessible during automated vulnerability audits on all DSS enclaves
  • Maintain compliance to the standards set by the DISA Filed Security Operations Command Cyber Readiness Inspectors (CCRI) and Certification and Accreditation and all applicable DOD inspection programs
  • Develop and maintain a dashboard on DSS CND SharePoint with current vulnerabilities, IAVMs on DSS computing devices. Include associated ACAS plugins, suspense dates, POAM status, system owners, percentage of compliance, and status
  • Develop and maintain a dashboard with the current Security Requirements Guides (SRG) and Security Technical Implementation Guides (STIG) and implementation status on DSS environment. Include associated vulnerabilities, suspense dates, POAM status, system owners, percentage of compliance, and status
  • Conduct monthly audits to include but not limited to STIG-SRG, SCAP, and all system vulnerabilities in compliance with mandated DOD directives
  • Conduct and report daily audits in support of identity assurance in order to validate user accounts, computer accounts, privileged accounts, system accounts, and report any anomalies to Incident Responders
  • Coordinate the assessment of vulnerabilities with system owners
  • Provide detail vulnerability reports
  • Assist other team members with developing mitigation plans
  • Support system administrators with resolution of vulnerability findings
  • 9 years’ of Cyber Security experience (7 Years’ with a Master’s degree) with a Bachelor’s degree in a technical specialty: cyber security, computer science, or similar field. We may consider four (4) additional years of relevant experience in lieu of a degree
  • At least 4 years of experience successfully managing a Vulnerability Management in a DoD environment
  • At least 5 years of relevant experience working with a combination of ACAS, SRG, CCRI, STIGs, IAVMs
  • Experience with Cyber security policies, operations, and reporting requirements
  • Experience performing vulnerability audits and assessments
  • IAT-I, II or III IA Baseline Certification (SEC+, CISSP, etc.)
  • CND IA Auditor Baseline Certification: (CEH, CISA, GSNA)
  • Computing Environment or OS Certificate
  • Security+ CE certification
  • Must possess an active/current TS/SCI clearance
  • CEH certification
  • CCNA certification
  • Familiar with any of the following: Akamai, Splunk, Cisco, McAfee, SCAP, ACAST, F5