Specialist in Vulnerability and Patch Management job

Date published: October 7, 2024

This listing has expired.
ID: 12884 Location: Vienna Task: Other

Our client is an international insurance group based in Vienna and is currently looking for a Specialist in the area Vulnerability and Patch Management.

Tasks

  • The external resource is expected to complete the following tasks
  • Data Processing and Report Generation
  • Review and analyze vulnerability and patch management data from TSA, RIT and Cyberint surface monitoring report.
  • Develop following types of reports
  • Team-Level ReportsDetailed technical reports with actionable insights for the teams responsible for remediation.
  • Security Tactical ReportsReports that show area of weakness, overdue rates in patching
  • Executive-Level ReportsSummary for management, focusing on success rates of incident resolution and key security metrics like patching velocity and Vulnerability exposure & risk indicator per application / business unit.
  • Jira Automation for Vulnerabilities
  • Develop and implement a process that automatically generatesJira ticketsfor each identified mitigation action / vulnerability based on predefined criteria (e.g., severity, risk level, and team responsibility).
  • Ensure tickets include necessary details such as severity, impacted systems, remediation steps, and deadlines.

Requirements

  • Data Processing and Reporting
  • Fluency in English
  • Data Extraction and Analysis
  • Extract relevant data from the available data provided by TSA, RIT in Tenable and Cyberint report, focusing on vulnerabilities, incident resolution status, and trends.
  • Ownership data for assets need to be queried via ServiceNow API or fed via XLS-sheet
  • Categorize vulnerabilities by priority (critical, high, medium, low) and assign each to the respective responsible team.
  • Ensure accuracy in data mapping and alignment with internal security teams scope of responsibility.
  • Report Creation
  • Team-Level Report
  • Must include actionable details for technical staff, such as
  • Vulnerability severity, impacted systems, and remediation timelines.
  • Open vulnerabilities, pending actions, and unresolved incidents.
  • Provide detailed information for each team, outlining their specific tasks for vulnerability remediation and follow-up.
  • Executive-Level Report
  • Provide high-level KPIs for management, including
  • Vulnerability trends and remediation success rates.
  • Mean Time to Resolution (MTTR) for each severity level.
  • Incident closure rates and overall security improvements.
  • Present data using visual elements such as charts, graphs, and trend lines to easily communicate performance to non-technical stakeholders.

What they offer

  • 100% Remote

Upload your resume

resume FILES *
Allowed File Types: DOC, DOCX, PDF, RTF.
MAXIMUM 2 files (MAXIMUM 10 MB per files).

dRAG & dROP THE FILES HERE
OR