RESPONSIBILITIES:
Administration of Vulnerability Management Security Solutions and researching, designing & developing additional protection technologies
Installation, management & support of the following Products: Tenable.IO and associated products and Qualys and associated products
Presenting vulnerabilities in client meetings at a CIO/CEO level
Keeping abreast of new vulnerabilities through active subscriptions & research
Document policies, procedures and diagrams of the vulnerability management environment
Advanced threat response and investigation skills
Technical Lead in the delivery on Vulnerability Management solutions. Provide technical Hands-on, assistance, guidance & training to team members
Proving input to the Delivery Solutions Team on RFPs related to vulnerability management solution
Maintain information security technology management based on the industry good practice frameworks consistent with the applicable laws and regulations
Ensure an ongoing security technology improvement program across the client through the appropriate mechanisms such as security compliance audits, risk/ vulnerability assessment, awareness promotion and education
Provide technical leadership to ensure that selected tools are exploited to ensure maximum client risk reduction
Ensure the delivery in accordance with SLA, agreed process and procedures and good practicesEXPERIENCE:
+ 10 years experience in IT industry
+ 5 years experience in Technical Information Security positions
Alignment and experience with good practices essential (CoBIT, ISO17799 or equivalent)
Practical experience in development of policy and standards
Network-based security experience is essential
Tenable, Qualys or other Vulnerability Scanning installations as per Customer requirements
+5 years Vulnerability Management (Risk based and Threat Intelligence)
Standards-based architecture with an understanding of how to implement, including compliance monitoring and enforceability
Windows and Linux Server basics (working with server engineers)
Windows workstation troubleshooting (working with desktop support engineers)
People skills. Working with multiple teams and managing vulnerabilities with each
Patch management basics
Compliance basics
Ability to identify a false positive from a true positiveFORMAL EDUCATION:
Grade 12
Relevant Diploma/ DegreeTECHNICAL CERTIFICATION:
ITIL foundation certificate
CompTIA: Network+, A+ and Security+
Tenable
Qualys/Nexpose/InSightVM is advantageous
CEH is advantageousKEY COMPENTENCIES:
Strong Technical understanding of hardware, software, application development, operations
Thorough knowledge of ITIL and COBIT best practice frameworks with specific focus on Security
General knowledge of security industries
General Business knowledge
Practical experience in Ethical hacking