We are looking for a Vulnerability Management Specialist. This role is responsible for leading the end-to-end Vulnerability Management process and collaborating with cross-functional IT teams, while working closely with platform teams on projects for remediation support within a renowned bank.
Mandatory Skill(s)
- Must have 8–10 years of overall IT experience, including 4–7 years in IT Security and 4+ years specifically managing enterprise-level Vulnerability Management processes;
- Must have experience running a Vulnerability Management Service and conducting Vulnerability Assessments;
- Must have hands-on knowledge of Tenable Security Center or any other vulnerability management tool, along with strong reporting and documentation skills;
- Proven hands-on experience managing the end-to-end Vulnerability Management lifecycle;
- Strong technical expertise in assessing vulnerabilities and identifying weaknesses across multiple platforms, such as OS, networks, databases, and application servers;
- Skilled in risk-based prioritization of vulnerabilities and remediation planning;
- Experience in administering and operating Tenable (Nessus) Security Center in a large enterprise setup;
- Strong understanding of reporting requirements at technical and executive levels, with the ability to design and deliver insightful dashboards and reports;
- Proficient in creating reports and visualizations using Excel, PowerPoint, and Word;
- In-depth understanding of ITIL processes and comfort working in structured, process-driven environments.
Desirable Skill(s)
- Certified Information Systems Security Professional (CISSP);
- GIAC Enterprise Vulnerability Assessor (GEVA) or equivalent Vulnerability Management certification;
- CREST certification;
- Communication in French and experience in a financial institution are an added advantage;
- Experience with BI tools like Power BI.
Responsibilities
- Responsible for preparing the Vulnerability Management Plan and executing it through all phases of the vulnerability management lifecycle;
- Ensure vulnerability scans are scheduled, correctly configured, and executed on time. Investigate scan failures and reschedule as needed;
- Perform periodic IT asset discovery and ensure new or updated assets are flagged to the owner for proper tagging and onboarding into the vulnerability management tool;
- Analyze identified vulnerabilities and assess their risk and impact based on the environmental context;
- Coordinate with Infrastructure and Application teams to explain vulnerabilities, their relevance, and potential impact;
- Maintain and update the Vulnerability Dashboard, providing regular reports to both technical teams and senior management;
- Provide subject-matter expertise for the Vulnerability Management service;
- Lead remediation planning and coordination efforts following penetration tests, involving cross-functional teams;
- Conduct scans for emerging threats across the asset landscape, assess applicability, and lead remediation initiatives;
- Ensure compliance with all legal, regulatory, and internal policies, including the Singapore Compliance Manual and Financial Security requirements, especially those related to financial crime and fraud prevention, including reporting obligations to the Money Laundering Reporting Officer.
If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Anand Waleski at anand.w@sciente.com quoting the job title.
