91±¬ÁÏ

    Pour rester inform¨¦ sur nos opportunit¨¦s :
    Rejoignez notre communaut¨¦ de Talents

    Vulnerability Remediation Lead

    Taguig, Metro Manila, Philippines

    Vulnerability Remediation Lead

    • 202401059
    • Taguig, Metro Manila, Philippines
    • Closing on: Dec 31 2024

    Description

    As the Vulnerability Management Lead, the candidate should be knowledgeable of supporting vulnerability management lifecycle (from detection to closure), keeping a risk-based approach throughout. The best candidate will have the security-by-design mindset and yet understand the importance of building relationships with the wider Technology functions to convince them to remediate the identified vulnerabilities for reducing cyber risks to the Company.
    In this position, you will work closely with the Application/Control owners, track remediation progress and publish metrics to senior management highlighting the vulnerabilities that have not been remediated in a timely manner.

    The Role

    • Responsible for executing VM processes, guidelines, standards and metrics.
    • Lead the vulnerability management program, including vulnerability scanning, assessment, and remediation.
    • Identify and access security vulnerabilities across applications, systems, network and Infrastructure through regular scanning and assessments.
    • Convincing control owners to remediate/mitigate the vulnerabilities making sure it is not impacting the business.
    • Collaborate with cross-functional teams to identify and prioritize vulnerabilities based on their severity and potential impact.?
    • Provide technical expertise and guidance on vulnerability management best practices.
    • Collaborate with system administrators, developers, and other relevant stakeholders to ensure secure software development practices.?
    • Build and expand internal relationships with key groups and stakeholders, creating efficiencies for any dependencies.
    • Consult teams to resolve issues that are uncovered by various internal and third-party monitoring tools.
    • Investigate and validate reported vulnerabilities from internal and external sources.
    • Generate reports and metrics for management on vulnerability assessment finding, progress, and trends.
    • Monitor and stay up to date with Industry trends and the latest vulnerabilities and threats
    • Appy a structured methodology and lead change management initiatives to create a strategy to support adoption of the changes required by a project or initiative.
    • Effective implementation of all the projects assigned and take complete ownership of the deliverables.
    • Other managerial activities that help team and group objectives

    Qualifications

    The Requirements

    • Experience in working with Vulnerability Management/Threat Intelligence tools such as Qualysguard, Tenable, Nessus, Wiz, Symantec etc.
    • Fundamental understanding of Operating Systems ¨C Windows, Linux and Cloud
    • Ability to apply risk-based approach while working on assigned responsibilities.
    • Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills.
    • Ability to prioritize multiple requests and clearly communicate the priorities to the team and management.
    • Stays abreast of emerging trends, regulatory changes, and evolving threats in the security and compliance landscape, advising the organization on potential impacts and necessary actions.
    • Be able to identify and resolve conflicts and identify items that need senior management attention.
    • Ability to communicate effectively with all business levels internally and externally.
    • Capable of communicating security-related concepts to a broad range of technical and non-technical individuals as well as understanding new technologies quickly.
    • Ability to manage projects working with a diverse group of individuals across multiple geographies.
    • Familiarity with ISO 27001, NIST, and other guidelines on information security controls.
    • Certifications in one of more of the following is a plus: Certified Information Security Auditor (CISA), Certified Information Systems Security, Professional (CISSP) or Certified Information Security Manager (CISM).

    91±¬ÁÏ is an Equal Opportunity Employer

    Apply Now

    Pas toi?

    Merci

    Contact non sollicit¨¦

    Tout curriculum vitae ou profil de candidat non sollicit¨¦ soumis via notre site web ou receptionn¨¦ sur les adresses emails ¨¦lectroniques des employ¨¦s de Willis Towers Watson est consid¨¦r¨¦ comme la propri¨¦t¨¦ de Willis Towers Watson et n¡¯est pas soumis au paiement de frais d¡¯agence.

    Pour ¨ºtre une agence / un cabinet de recrutement autoris¨¦ par Willis Towers Watson, cette agence / ce cabinet doit avoir un accord ¨¦crit formel existant sign¨¦ par un recruteur autoris¨¦ de Willis Towers Watson et ¨ºtre dans une relation de travail active avec l¡¯organisation.

    Les CV doivent ¨ºtre soumis conform¨¦ment ¨¤ notre processus de pr¨¦sentation de candidats, ce qui inclut le fait d¡¯¨ºtre activement engag¨¦ dans la recherche en question. De m¨ºme, pour nos agences de recrutement/firmes de recherche autoris¨¦es, si le processus de pr¨¦sentation de candidats n¡¯est pas respect¨¦, aucun frais d¡¯agence ne sera pay¨¦ par Willis Towers Watson.

    Willis Towers Watson est un employeur promouvant l¡¯¨¦galit¨¦ des chances. Si vous souhaitez que vos coordonn¨¦es soient sauvegard¨¦es en vue d¡¯un examen ult¨¦rieur, veuillez envoyer un courriel ¨¤?: Agency.inquiries@willistowerswatson.com .

    Nos bureaux

    Nos collaborateurs sont pr¨¦sents dans plus de 140 pays : de Mumbai ¨¤ Londres, en passant par Manille et New York, du Moyen-Orient ¨¤ l¡¯Am¨¦rique latine. Cette dimension internationale que nous retrouvons dans la plupart de nos projets est une source d¡¯opportunit¨¦s de collaboration et de croissance incroyables. Parcourez la carte ci-dessous pour voir jusqu¡¯o¨´ une carri¨¨re chez Willis Towers Watson pourrait vous mener.

    Rencontrez nos collaborateurs