Vulnerability Management Assessments SME

• Create new and improve existing operational models to guide our daily operational activities.
• Identify service gaps and create uplift plans for future state models and road maps.
• Identify critical paths of operation and ensure that they are followed to provide the most streamlined and efficient method of operating, sometimes working to critical time deliveries.

• Ensure that the assessment function is able to react in real time to potential threats, runs to a high-quality standard, including ingestion of relevant intelligence, and appropriate analysis to put the bank in the best informed position to make choices that will continually lead to successful defence and hardening.
• Experience with Application security scanning techniques to ensure the risk are assessed as per ongoing APTs Tactic, Techniques & Procedures focusing for the and its business sector globally.
• Demonstrable experience with SAST, DAST, MAST and FOSS scanning and vulnerability review for potential temp fixes and False positives will be key.
• To oversee the False Positive, Temp Fix, criticality reviews, Service Sustainability Portfolio and Secret Exposed Credential reviews conducted by the team and ensure that satisfactory and accurate identifications are managed and documented for audit purposes.

• Contribute to responses that inform requests from Regulators, Internal/ External Audit etc; and responses to 2
  
  LOD challenges/ Papers providing responses / guidance to the Cybersecurity Governance Team
• Providing commentary to routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs.

• Adhoc tasks as required, including support to CSAT operational activities.
• Handling escalations and ad-hoc requests from any team or angle.
• Be able to work and empower teams on a fully global level, including a five-day FTS model.
• Ability to co-ordinate with a wide range of stakeholders to drive accountability and remedial activities

Exceptional practical application and execution of:

• Applying, and improving elements of the Vulnerability Management Lifecycle.
• Knowledge of Coding or Programming language to review SAST, MAST, DAST and FOSS related coding issues.
• The ability to use multiple toolsets to convey information, obtain data, and make it meaningful to future plans.
• Business and architectural design experience, including controls analysis, process flows, data flows, etc.
• Knowledge of existing scanning technologies (e.g. Nessus, SAST, MAST, DAST and FOSS scanning).
• Threats and Risk, able to act with insight to deliver a core part of the Cyber Security Operational model in. Multiple functions will come together to ensure the safety of the bank and the ability to continue business under any circumstances.
• Knowledge of CVE’s, CWE’s, CISA, NVD, Mitre and CVSS metrics.

• Minimum 3 years’ experience in working within a threat & vulnerability management function or a minimum of 3-5 years’ experience in working in IT Security or similar role.
• Collaborate with a multi-skilled team delivering core requirements in a simultaneous fashion.
• Excellent organisational, administrative, analytical, and problem-solving skills with the ability to work accurately and methodically whilst under pressure to meet deadlines.
• Excellent understanding of SharePoint, Microsoft Excel, Git Hub and Confluence

• A full-time contract (B2B also possible)
• All necessary work equipment is provided by us (computer, monitor etc).
• Certification and training opportunities
• After completion of the project, opportunity to engage in a subsequent one within the company.
• Medicover medical care with dental care
• Medicover Benefits platform / Medicover Sport card
• Collaboration with Mistral AI
• Employee referral program
• Group life insurance
• Opportunity to relocate and work in different ALTEN Polska branches