Vulnerability Management Expert

Job Description: Responsible for owning the Vulnerability Management. The individual is supported by platform teams for remediation actions. Focal point of contact for Vulnerability Management and related topics- a go-to person for consultation regarding the vulnerabilities identified by the tool and guide & assist Infrastructure and Application teams to remediate the vulnerabilities identified under their application/infrastructure scope. Person will be responsible preparing the Vulnerability Management Plan and the executes plan through all the phases of Vulnerability Management Lifecycle. Ensures that the Vulnerability scans are scheduled, configured in tool and are executed as per the schedule. Any failure of scans is to be investigated and schedule to re-run. Conducts periodical discovery of IT Assets and ensures that identified assets are highlighted to CMDB owner for appropriate Asset tagging and also onboards the new asset in Vulnerability Management tool. Assess the identified vulnerabilities and study & understand the risk profile, impact as per environmental context. Lead the discussions with Infrastructure and Application teams and advise them the relevance of vulnerability and help them understand the impact. Understand the false positives reported and the technical limitations of the environment and facilitate the process of Risk Acceptance. Person will be responsible to liaise with various stakeholders for proposing and maintaining the approvals for such cases. Collaborate with Infrastructure teams- Windows, Unix, Networks etc. for the remediation of the identified vulnerabilities. Maintain the Vulnerability Dashboard for the scope and submits reports both of Technical teams and Management Reporting. Organize work in order to achieve compliance to established KPIs for Vulnerability Management and proactively work towards achieving the same. Maintain periodical reporting on the progress. Escalate- discuss and consult- as required to next levels and Management in timely manner. Provide subject matter expertise for the Vulnerability Management service; Lead the Penetration testing remediation planning with cross functional teams. Conduct new threat exposure scanning across the asset scope and advise the applicability and lead remediation exercises with cross functional teams; Participate in meetings with various stake holders as per the schedules. Liaise with different teams in different geographical zones. Propose, plan and execute Service improvements initiatives. Adhere to different policies set out by the organization. Prepare and provide different reports (weekly/monthly/ad-hoc) to the Manager as necessary. Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities. Keeping abreast of new threats and vulnerabilities and provide analysis as per applicability. Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Com