Vulnerability Management (APAC Operations and Governance):
Co-ordinate with global VM team to collate APAC vulnerability data for a global bank
Co-ordinate with APAC Technology teams to drive vulnerability remediation in APAC region
Articulates risk and impact to APAC IT leaders with the proven ability to convey the urgency and need to remediate a vulnerability commensurate with the risk it presents to the bank
Extensive hands-on experience on Vulnerability Management tools - Rapid7
Hands on experience in deploying and setting up the new scanner, running discovery, vulnerability scans and policy configuration
Hands on experience in troubleshooting and resolving the deployment issue from the Scanner
Leads and drives remediation efforts within IT and Security environments to increase the efficiency of vulnerability management processes
Analyzes security issues, determine cause and impact and identifies the corrective action needed to eliminate and prevent the event from happening in the future.
Exhibits a good understanding of vulnerability validation, re-production, remedy advice and vulnerability research skills.
Actively engages with various internal stakeholders including IT Engineering and Infrastructure teams, development, legal, corporate communications, and other relevant teams in Cybersecurity to conduct holistic response management on identified vulnerabilities and the remediation efforts.
Collaborates with IT Service teams to determine reporting and metrics needs and share and present reporting and metrics to Cybersecurity and IT Leadership.
Demonstrates the ability to strike a balance between strategic and tactical activities required to run the vulnerability management, response and remediation efforts.
Participates in the creation, review and maintenance of current and proposed processes and procedures and related documentation within the vulnerability management and remediation team.??
Good understanding in Web application security (DAST, Manual Web application testing)
Good Understanding of OWASP Top 10
Hands on experience in conducting CIS and other industry standard benchmark scan.