Job Description

:

• Design and drive strategy and tactical plans toward holistic Vulnerability Management across multiple technology teams in a large complex organization.
• Analyses patch and vulnerability information for Vulnerability Management processes.
• Automate the Vulnerability Management process to improve operation efficiency.
• Provide status report to Regional RISO and IT leaders related to Vulnerability Management metrics, key risk indicators, trending and compliance reports.
• Collaborate with Information Security policies, standards and baselines and contribute efforts to measure compliance.
• Collaborate with cross-functional teams, including IT, security operations, and development teams, to ensure timely vulnerability remediation across on-premises and cloud environments.
• Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems.
• Create and maintain SOPs for the Vulnerability Management program, provide technical knowledge to operations and production support teams.
• Work with portfolio manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities.

• University Degree in Computer Science, or a related field
• Minimum 4-6 years of IT security experience such as penetration testing, vulnerability scanning, security audits, configuring and managing security systems.
• Knowledge of security standards, frameworks, and best practices (e.g., OWASP, CVE, CVSS).
• Technical knowledge and experience working with enterprise vulnerability management platforms.
• Work experience with vulnerability assessment tools like Rapid7, Nessus and similar.
• Extensive knowledge and experience with diverse IT architecture and enterprise IT data centers, external hosted service and cloud computing environments.
• Solid grasp of computer networking concepts and protocols and network security methodologies.
• Detailed comprehension of information security technology and tools, integrations, API and scripting.

• Able to exercise good judgement in a dynamic environment.
• Independent and self-directed, with excellent time management skills.
• Excellent communication skills with the ability to communicate risk in business-relevant language.
• Effective communication and collaboration skills for management presentation materials. Experience on reporting and analytics tool is required such as Power BI, Advanced Excel/Power Query.
• Team player with positive attitude. Highly driven, autonomous, and resilient. Enjoy working in a dynamic and multi-cultural environment.
• Good program/project management skills.
• Relevant certifications such as CISSP, CISM, or equivalent are a plus.

Chubb