Vulnerability Assessment Team Lead

Job Description :

Team Lead, senior member of team tasked with coordinating and reporting responsibility for the daily operations of the function, reports to the Senior Manager at US Office. They should be expert (Level 3) position, requiring at least 7 years relevant experience. In this role, the candidate will significantly influence overall security posture by regularly scanning systems and networks for vulnerabilities, reviewing, and prioritizing remediation guidance and reporting the results to all IT stakeholders.

Subject-matter expertise with the Tenable.sc Vulnerability Management System (VMS) Platform

They will share expertise, thought leadership and overall guidance to ensure compliance objectives are upheld and security industry standard best practices are utilized. They will serve by example and earn the trust of the Vulnerability Assessment team, other collaborators from the Technical Risk Office (TRO), Endpoint Team and the people and healthcare entities whose assets we manage and protect.

Must have advanced trouble shooting skills and possess the ability to identify the severity of an issue, ability to resolve issues quickly to customer satisfaction and prepare RCA or postmortem reports to stakeholders & management upon request

Responsibilities :

1. Plan, Coordinate, Conduct orderly product updates/upgrades (Internal planning, CAB CRs, Meetings with Downstream stakeholders (Site IT), Meetings with IT stakeholders (CorpIT, Local IT, Other TRO verticals)

2. Instruct/Advise Internal SMEs effectively to ensure safe & effective product/service delivery

3. Be able to understand and execute VA Manager guidance for product lifecycle management requirements

4. Be able to learn (and ensure alignment with) TRO security strategy from CISO, VMS product guidance from VA Manager, VMS strengths & limitations from VA SMEs

5. Vulnerability Reporting & Enterprise-level Vulnerability Scanning Strategy (Design, Architecture, Tuning, etc.)

6. This is different from being a member of a team that works with technology – the ideal candidate needs to have experience “designing” or “improving” the technology, at the Enterprise level

Required qualifications:

One or more certifications for vulnerability assessment analysts: GPEN, GWAPT, GSNA, GMON, CISSP.