GLOBAL SECURITY VULNERABILITY MANAGEMENT CONSULTANT
COMPUTER/IT Global Security Vulnerability Management Consultant, IBM Corporation, Herndon, VA (Up to 50% telecommuting permitted): Oversee the daily tasks to address customer requirements. Identify Short- and Long-term activities, identify and assign the task to appropriate team members. Work on scheduled target to ensure deliverables are delivered on time. Development of strategy relating with client's security team. Assess all the security measures of the organizations. Work with different Security Partners to understand the risk and take appropriate action. Work with the different stakeholder to gather the current asset inventory. Ensure all the in-scope devices are scanned at agreed frequency. Work towards expanding the scan scope to ensure all the critical assets are identified and scanned at regular frequency. Identify the scan setting that are listed as per clients needs. Configure the scan profiles to ensure all the check that are required are enabled. Ensure the devices are scanned without any negative impact. Distribute the assets evenly to ensure the scan are not taking long time than expected. Identify the assets and map it to right scanners. Work with Network team and server team to ensure that scans are not running too long. Schedule daily scrum meeting to gather status of the program. Capture all pain points and work with respective departments. Schedule meeting with management to review weekly status and discuss the risk or dependencies where management attention is required. Identify resolver groups for different business areas. Assign the vulnerability ticket to the remediation teams. Work with remediation teams in assisting with remediations. Track the ticket for closure. Generate the open vulnerability metrics to show the vulnerability age. Track the age of the ticket and generate Open vs Closed metrics. Work with remediation teams to prioritize the vulnerabilities based on severity and age. Identify the events that can adversely impact organization security stature. Monitor monthly risk exposure and bring the issue to management notice. Validate the number of devises that are being authenticated vs not authenticated. Work on getting the non-authenticated devices to the authenticated scope. Validate the vulnerability trend and take appropriate action to ensure the risk is at acceptable level. Prepare monthly presentation that talks about over al risk posture of the organization. Capture actionable items that increases security resilience. Identify the risk areas and suggest the appropriate controls. Utilize: Risk Assessment, Qualys, Rapid7 Scanner, Ticketing Systems, Information Security Management and SAP Security Scanning. Required: Bachelor's degree or equivalent in Vulnerability Management, Computer Security, Computer Science or related and two (2) years of experience in Information Security and Vulnerability Management or related. Two (2) years of experience must include utilizing Risk Assessment, Qualys, Rapid7 Scanner, Ticketing Systems, Information Security Management and SAP Security Scanning. Send resumes to firstname.lastname@example.org. Applicants must reference Z233.