Title: IT Infra & Cyber Security Specialist – Vulnerability Management
Client ID: ( 14195420/ 14195423)
Contract Duration: 12 Months (Hybrid)
Location: Montreal, QC
Job Description:
• Perform BAU activities of Production Security Vulnerability Management function, including Asset/Scanning reconciliation, Vulnerability Scanning, Assessment, Remediation Support/Coordination & Reporting.
• On-going support to remediation stakeholders to assess, prioritize, and track the execution of remediation efforts.
• Deliver Vulnerability Management reporting and analytics functions on a scheduled basis and support ad-hoc report requests
• Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions.
• Maintain appropriate documentation that defines the Vulnerability Management Program, policies, and procedures.
• Ability to fully understand business requirements and work with business partners to define appropriate solutions, meeting both security mandates and business needs.
• Build strong working relationships with IT Infrastructure, Development & Application Support teams to achieve remediation objectives driven by BAU & Project related priorities
• Contribute to related Governance/Steering committees, associated KPI reporting and action tracking
The strengths and skills that will help you succeed.
• Experience with VM scanning tools (Nexpose, Qualys, Tanium)
• Strong written and verbal communication skills
• Strong overall IT Infrastructure and Cyber Security expertise
• Strong experience with operating systems, network security, protocols, application security, infrastructure hardening, and security baselines.
• Experience with Reporting/BI platforms (i.e., PowerBI, JIRA and similar platforms)
• Experience working with large data sets and ability to summarize findings to achieve target objectives
• Ability to coordinate, build relationships, and represent Production Security with stakeholders
• Process improvement experience, ability to identify feasible solutions and recommend new approaches
• Solid problem-solving & analytical skills; must be resourceful, innovative, results-driven, and adaptable
• Extensive experience with MS Office products including Word, Excel, PowerPoint, Outlook, and others
• Experience with industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS)
• Experience Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, GDPR, ISO 27001&27002).
• Previous experience working in large-scale environments with diverse technologies is a must
Preferred Qualifications:
• B.S./B.E. in Computer Science or equivalent field
• Minimum of 5+years of professional experience
• IT Development/Infrastructure background (Developer, DevOps, System Admin)
• Industry certifications such as CISM, CISSP, CRISC, or similar
• Financial Services background