POSTED Apr 12

Vulnerability Management Specialist

Summary of Position:
The Vulnerability Management (VM) Specialist is a key member of the Information Security Department responsible for leading the remediation to externally and internally identified vulnerabilities impacting Crown Holding. This function is performed on a global scale and by collaborating with business and technical partners to resolve systematic vulnerabilities, notify and coordinate remediation efforts with various lines of business and key stakeholders.
This role has a major impact on security and reduction of risk to our company and customers.
Essential Functions:
•   Technically administer vulnerability scanners and improve effectiveness and efficiency of the VM platform, process, and procedures
•   Enhance VM process with risk-based remediation prioritization approach to address vulnerabilities
•   Collaborate with IT and business teams to ensure prompt and effective distribution of vulnerability findings
•   Manage remediation activities ensuring appropriate, timely and complete resolutions
•   Develop effective metrics to help key stakeholders and business unit understand and lower their risk
•   Create and maintain effective documentation of policies, processes, and procedures
•   Apply published methodologies and enforce program standards
•   Demonstrate ability to conduct cross functional meetings with various stakeholders and effect change
•   Employee strong deductive reasoning, critical thinking, problem solving, and organizational skills

Job Requirements

•   MIS Degree or equivalent work experience and certifications in Information Systems
•   3+ years within Vulnerability Management or risk aligned role which required supporting enterprise vulnerability management and coordination
•   Experience with vulnerability scanners and network analysis tools
•   Experience working with Security Information Event Management (SIEM), Continuous Monitoring, Intrusion Detection/Prevention Systems (IDPS/PS), Network Traffic Analysis, Incident Response, Endpoint Security Systems, Digital Forensics, WLAN Monitoring and/or Threat Modeling
•   Proficient knowledge and understanding of security systems, risks, concepts, and terminology
•   Hands-on experience with security aspects of critical technologies (e.g., Azure, Windows, Linux, MVS, Web, LDAP, DBMS, Authentication, Authorization, DNS, Vulnerability Assessment tools).
•   Basic scripting knowledge (PS, PERL, Python)
•   Strong ability to diagnose and resolve security and system issues

Core Competencies:
•   Natural passion for security and strong drive to see both projects and investigations to completion
•   High level of personal integrity, and the ability to professionally handle confidential matters
•   Have strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level
•   Functional technical knowledge of infrastructure, networking, architecture, security, and applications
•   Ability to effectively collaborate with stakeholders across a global environment.
•   Highly organized, capable of understanding large amounts of data and identifying significant risks
•   Advanced problem solving and problem-solving skills.

Travel

10 – 20%

View all jobs posted by this company

Apply Now!

You don't have a resume loaded to the system, so this application won't include any resume attachment. If you don't have a resume to upload, you can use the cover letter area below and include a link to your resume if you prefer.

Resume

Cover letter

Dear Hiring Manager,
I am reaching out to express my sincere interest in securing a position within your esteemed organization. While my professional journey has not been confined to a specific industry, my versatility and dedication make me well-equipped to contribute effectively to diverse roles.
Having graduated from the IT Fundamentals program at NPower, a renowned nonprofit organization, I have gained a solid understanding of computer systems and networks. My commitment to building a robust IT skillset is underscored by the successful attainment of the CompTIA ITF+ certification. Currently, I am actively participating in a Google Cybersecurity Professional course through Coursera, enhancing my expertise in security practices. Concurrently, I am cultivating proficiency in Python programming, showcasing my unwavering drive to expand my knowledge and skillset continually.
Furthermore, I am excited to share that I will be embarking on Purdue University Northwest’s Cybersecurity Workforce Certification Training in digital forensics, commencing in January. This upcoming endeavor reflects my dedication to staying at the forefront of industry developments and acquiring specialized knowledge to further contribute to the field.
In addition to my technical aptitude, I am a quick learner and a dedicated professional. My enthusiasm for exploring the vast landscape of information technology propels my desire to make meaningful contributions to any team or organization.
Thank you for considering my application. I am eager to discuss how my diverse skills, eagerness to learn, and upcoming certification can be valuable assets in a general employment capacity within your organization.
Sincerely,
Amber Avila

Cover letter

Greetings Hiring Team,
 
I am often brought in to fix a critical information security project that is at risk of missing the deadline.
I bring the ability to navigate the people and politics and lead a team to bring a technical compliance project to successful completion under budget and ahead of schedule.
My PCI-SSS project in 2019 involved a data center migration and avoided the loss of millions in credit card processing fees due to compliance with the payment card industry standards.
My HITRUST project in 2020 helped a large hospital meet federal HIPAA requirements and avoid an OCR investigation with 40% fewer gaps than before.
 
My qualifications include:

5+ years performing audits across multiple risk management frameworks.
Collaboration with subject matter experts from all involved departments including compliance, cloud infrastructure engineering, development, legal, cybersecurity, and human resources while communicating with executive leadership in a non-technical fashion.
Prior to focusing on information security, I led the IT operations for surgical hospitals and managed multiple technical projects.

I am confident that I can help your organization implement information security controls and complete corrective action plans to reduce information and business risk.
 
Gary Holverson, CISM, HITRUST CCSFP
817-223-4769

Cover letter

Dear Hiring Manager:
Thank you for the opportunity to apply for this role at your company. After reviewing your job description, it is clear that you are looking for a candidate who is extremely familiar with the responsibilities associated with the role and can perform them confidently. Given these requirements, I am certain that I have the necessary skills to successfully do the job adeptly and perform above expectations. A few of the skills that I have obtained throughout my professional career that would help me in this role are communication, networking, and adaptability, as well as some technical skills that are listed in my resume. In addition, my past and current experience in IT related fields such as digital forensics and incident response would also allow me to be successful in a professional career with your company.
During my academic and professional careers, I have managed to accrue nearly 5 years of work experience in the cybersecurity and forensics fields. Throughout this work experience, I have grown in my ability to use analysis and reporting tools such as FTK, Encase, and Cellebrite. In my most recent position, I have learned the importance of communication with business partners and customers, and have been able to communicate effectively. In both my academic and professional life, I have been consistently praised as hard-working and team-oriented by my supervisors, professors, and peers, and I look forward to leveraging these skills into the Security role at your company. Please contact me at (412) 443-2728 or via email at conoveranna422@gmail.com at your earliest convenience. Thank you for your consideration, and I look forward to hearing from you soon.
Sincerely,
Anna Conover

Cover letter

View all jobs