Vulnerability Management, Security Operations Vice President

Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.

As a Security Operations Vice President in Cybersecurity & Tech Controls, you will contribute significantly to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. You will be on the front lines of managing vulnerabilities by making critical decisions on the inherent risk to the infrastructure or the application itself and thus the risk to the firm clients & customers. You will be working with a highly motivated team laser-focused on analyzing, scoping, developing, and delivering solutions built to stop adversaries and strengthen our security posture. Your research and work will ensure stability and resiliency of our current technology products, emerging technology, and our vast application estate. Working in tandem with various internal teams both in Cyber and various Line of Business partners, as well as technologists and innovators across our global network, by leading the positive actions that will stop adversaries and strengthen customer's confidence..

• Review new vulnerabilities published from multiple sources and identify those that may pose risk to the firm.
• Define an accurate risk rating in line with proprietary and industry standard risk rating methodologies.
• Identify the impacted assets and/or application(s) at risk.
• Document the vulnerability providing a detailed write-up on the risk and exposure.
• Confirm any risk mitigation factors and define the remediation activity if known.
• Assess exploit code and/or conceptual code to determine attack vectors.
• Recommend any risk mitigation factors and define the remediation activity if known.
• Assess security researcher identified vulnerabilities to provide recommendations on remediation and identify additional risk.
• Drive the global teams' daily workflow, undertaking daily case-load analysis and prioritization.
• Represent the global team and be the technical lead on major incidents impacting the Vulnerability Management space.

• Bachelor's Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
• 5+ years' experience in a Cyber Operations/Vulnerability Management role with a strong knowledge of operational processes supporting Vulnerability Management and the wider SOC; with the ability to demonstrate comprehension of the end-to-end Vulnerability Management workflow (to include industry standards such as CVE, CPE, CVSS).
• Proven experience in vulnerability assessment and exploitation.
• Strong knowledge of security protocols, encryption, and network architecture.
• Familiarity with ethical hacking practices and penetration testing methodologies.
• Proven experience in command & control practices like Incident Management and/or Cyber incident response methodologies.
• Strong and broad understanding of Cyber Security Controls (Physical, Logical, Processes and Procedures)
• Strong and broad understanding of leading vendor products/applications e.g., Oracle [Java], VMWare, F5, Citrix, Microsoft; to include product lifecycle & release schedules.
• Strong and broad understanding of open-source software deployment in a large technology estate.
• Strong understanding of Cloud and Public/Private Cloud environments.
• Demonstrate prior experience in managing 24x7 operations.

• Experience with Agile and experience working to manage remediation actions via an active backlog and Jira an advantage.
• Familiarity with Cyber scanning tools including Qualys, Snyk, CrowdStrike, and other tools is an advantage.
• Experience of working with data sources via SQL, JSON, APIs and Splunk will be highly beneficial.