Our client in the public sector is looking for a contract based Vulnerability Management Specialist.
Duration: 6 months + 6 months extension
Location: Hybrid 2d/week Toronto
Responsibilities
- Accurately forecast licensing and technical requirements for the Vulnerability Management solutions, aiding in project planning and resource allocation.
- Implement a single platform that identifies and manages vulnerabilities across product portfolio, streamlining the monitoring process for improved security
- Establish automation for vulnerability scans, detection, and remediation workflows across both environments to minimize manual intervention and reduce response time
- Ensure the vulnerability management solution integrates with existing ITSM, SIEM, and Threat Intelligence platforms to provide a comprehensive security posture.
- Coordinate with the team for the rollout and configuration of VM solution and services.
- Coordinate with the vendor and the support team to resolve technical issues with the VM solution and services.
- Key technical resource to the Vulnerability Management project.
- Coordinate with Infrastructure team to deploy VM IT and OT scanners, sensors and agents where required.
- Conduct regular and ad hoc vulnerability, discovery and policy scans on IT and OT systems.
- Configure and maintain asset tagging based on various parameters such as asset criticality, ownership, function, location etc.
- Setup customized dashboards to showcase vulnerabilities specific to the divisions, agencies, and corporations.
- Develop and maintain vulnerability management automation and document e.g. designs, assessments, remediation actions, and compliance status.
Requirements
- Experience in identifying, assessing, and remediating vulnerabilities in complex and diverse Government jurisdictions and or large private sector organizations.
- Strong background in securing IT systems and an in-depth understanding of OT environments, such as SCADA systems, Industrial Control Systems (ICS), and other critical infrastructure technologies.
- Experience with OT-specific security standards like IEC 62443, NERC CIP, or similar
- Extensive hands-on experience (over 5 years) in using and configuring vulnerability management tools specifically Tenable IT and OT stack.
- Hands-on experience in integrating vulnerability management tools with Security Information and Event Management (SIEM) systems, EDR, IT Service Management (ITSM) tools, and Threat Intelligence Platforms
- One of the cyber security certifications such as CISSP, CEH, OSCP or similar is a must.
- Technology certification such as Tenable Vulnerability Management Specialist, Specific OT security certification or similar is a plus.
- Strong understanding of networking protocols, operating systems (Windows, Linux, etc.), and cybersecurity principle