Epicareer Might not Working Properly
Learn More

Cyber Security Risk and Enterprise Vulnerability Management Specialist

Salary undisclosed

Apply on


Original
Simplified

Job Title: Vulnerability Risk Assessment

Duration: 12 months

Location: Kuala Lumpur, Malaysia

The candidate must be familiar with enterprise level vulnerability management and remediation lifecycles. The candidate will be performing risk assessments and providing a mitigating control narrative as a cyber security expert. Successful candidate is expected to collaborate with technology team to understand the underlying infrastructure, mitigating controls and provide a strong narrative on the material impact of the open vulnerabilities. The candidate will also need to identify opportunities for automation and reducing manual errors and at the same time assist in the improvement of the vulnerability risk assessment framework.

Basic Requirement:

1. 3 - 5 years of experience in enterprise level vulnerability management, risk assessment, impact assessment and stakeholder management.

2. Demonstrated ability to hold technical discussions with the technology team to comprehend the infrastructure, architecture design, networking, and then assess the vulnerability and its exploitability.

3. Comprehensive understanding of vulnerability lifecycle management, including threat, impact, and risk assessment.

4. Strong knowledge of the characteristics of individual vulnerability and how it operates as a potential exploit.

5. Thorough technological understanding of the most recent vulnerability trends and best practices.

6. Clear understanding of how security technologies such as anti-malware, WAF, IPS, MFA, etc. works in mitigating cyber security risks.

7. Knowledge in encryption standards, data encryption, hashing algorithm, certificate life cycle management is an added advantage.

Skills:

1. Strong understanding of the defense-in-depth strategy.

2. Knowledge of industry standards for assessing security vulnerabilities, such as the CVSS scoring system, OWASP, CVE or SANS CWE software flaws, is required.

3. Solid understanding of Microsoft Excel formulas and macros.

4. Presentation skills and the ability to provide detailed and clear narratives.