MCS Group is proud to be working exclusively with Allstate here in NI as they seek a cyber security vulnerability manager to join their Digital DNA's Workplace of the Year 2020. Heading up a multinational team to own and drive the vulnerability management strategy for the Allstate family of brands, leading by example providing vision, strategy, and prioritisation to control vulnerabilities in the environment.
What you will be tasked with achieving
- Own and drive the vulnerability management strategy for the Allstate Family of Brands
- Be a champion for vulnerability management and information security including broadening awareness and use of the team's services, education of security best practices and integration with other business areas.
- Drive actionable metrics and reporting for operations and leadership transparency
- Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness
- Closely support and collaborate with other Cyber Security Operations teams
- Provide support on incidents and outages as necessary to enable effectiveness of the team and its operations
- Serve as subject matter expert related to vulnerability management and secure configuration
- Have the ability to understand and develop enterprise policy and technical standards with specific regard to vulnerability management and secure configuration.
- Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities specific to Allstate's environment, and determine and implement mitigating controls.
- Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
- Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions.
- Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need.
- Providing mentorship, coaching, performance management and support to team members with regard to vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development.
- Oversight of onboard and offboard resources
- Other duties as assigned.
So, what are the essential criteria to apply?
- Bachelors or Master's Degree in Information Security, Engineering, Computers Science, or related field; or equivalent industry experience
- 5+ years' experience in either vulnerability management or related information security field such as penetration testing, SOC, or threat intelligence
- 2+ years' people or technical leadership experience
- The ability to assess or analyse security controls and weaknesses and communicate them effectively to multiple stakeholders
- Understanding of best practice for fixing or re-mediating security vulnerabilities
- Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations
- Excellent analytical and problem-solving skills
- Ability to think clearly and make decisions under pressure
- Demonstrated ability to participate in cross functional teams, including offsite, remote, and offshore resources
- Experience guiding and coaching others in subject matter
- Excels at prioritising work and other demands for self and team including making risk-based decisions about remediation recommendations
- All candidates must be able to demonstrate their right to work in the UK. Please note, this position is not eligible for visa sponsorship
What will give you the edge over other candidates?
- Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
- Experience working in very large enterprise environment with diverse teams.
- Knowledge of PCI, HIPAA, ISO, NIST, and IT Controls
- CISSP, GCIH, GPEN, or other industry certification or expected completion of certification within 1 year of hire.
- Advanced experience with vulnerability scanning tools and other security testing tools.
- Understanding of attacker mindset, exploitation, and how vulnerabilities are leveraged.
- Ability to define, communicate, and execute on a vision and strategy
- Effective written, verbal communication skills. Ability to tailor communication style to audience at hand
- Ability to effectively communicate with technical and non-technical resources
- Strong organisational skills
- Self-directed, works with minimal guidance, and recognises when guidance needed
- Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing.
To speak in absolute confidence about this opportunity please send an up to date CV via the link provided or contact Andrew McKnight, Specialist Recruitment Consultant at MCS Group +44(0) 28 9693 2668
Even if this position is not right for you, we may have others that are. Please visit MCS Group to view a wide selection of our current jobs mcsgroup.jobs
Experience: 0 yrs