Manager (Vulnerability Management)

Details of the offer

Manager (Vulnerability Management) will oversee the organization's offensive security, vulnerability management, and security baseline compliance programs.
This role is critical in identifying vulnerabilities, enforcing security standards, and ensuring that all systems adhere to established security baselines.
The ideal candidate will have approximately 10-15 years of experience in cybersecurity (candidates with impactful experience in shorter spans will also be considered), with a proven background in Red Team operations, vulnerability management, security baseline practices, and people management.
This position will work closely with senior management, supporting strategic decisions while ensuring autonomy in leading day-to-day operations and team development.
Key Responsibilities:
Cyber Defense Design & Development
Collaborate with cross-functional teams to design secure solutions aligned with business objectives and compliance requirements.
Build and maintain secure environments for Red Team and Penetration Testing activities, ensuring a realistic simulation of threat scenarios.
Lead the adoption of new technologies in vulnerability management scope such as Application Security, Vulnerability Scanning, API, cloud, identity security, etc.
Cyber Defense Assessment
Oversee and conduct regular penetration testing, Red Team, and Purple Team exercises to identify vulnerabilities and improve security controls.
Oversee the landscape of vulnerability assessments to evaluate the effectiveness of current security measures.
Lead the remediation strategies and work with stakeholders to remediate and strengthen defenses.
Ensure the enforcement of identity security policies, such as least privilege and Zero Trust principles, across all environments.
Provide detailed reporting on security gaps, risks, and recommendations to executive leadership.
Digital Environment Scanning
Manage and enhance processes for continuous scanning of servers, web applications, APIs, and other digital environments.
Plan on automated tools and workflows to identify vulnerabilities and threats in real time and work with Engineering team on the implementation.
Establish monitoring and alerting mechanisms for suspicious identity-related activities, collaborating with incident response teams to address potential breaches.
Monitor and assess threats across hybrid environments, including on-premises and cloud-based systems.
Ensure compliance with organizational security baselines and industry standards.
Security Performance Monitoring
Establish and track key performance indicators (KPIs) for vulnerability management, identity security, red teaming and penetration testing activities.
Regularly review and analyze security metrics to optimize the organization's security posture.
Implement threat intelligence to anticipate emerging threats and adjust defenses accordingly.
Ensure seamless onboarding of new entities into vulnerability management services, including vulnerability assessment, web assessment, and baseline security adherence.
Leadership and Development
Lead, mentor, and inspire a team of cybersecurity professionals to achieve strategic goals.
Develop a culture of continuous learning and improvement, fostering technical expertise and leadership growth within the team.
Facilitate cross-functional collaboration between Red/Purple Team and Blue Team, as well as Security and Architecture, Risk and Policy, Risk Assurance, and system and application custodian to improve overall security operations.
Provide clear guidance and detailed plans to team members, ensuring accountability and forward-thinking solutions.
Build relationships with external partners to stay updated on cybersecurity trends and best practices.
Qualifications:
Education:Bachelor's Degree in Computer Science, Information Security, or a related field (Master's Degree preferred).
Experience:Approximately 10-15 years of experience in cybersecurity (candidates with impactful experience in shorter spans will also be considered), with at least 5 years in Red Team/penetration testing, vulnerability management, and security baseline management, and 3+ years in a leadership role.
Certifications:OSCP, OSCE, CRTE, OSEP, CISSP, or relevant certifications in vulnerability management and security baseline frameworks (e.g., CIS or NIST).
Technical Skills:
Strong knowledge of offensive security tactics, techniques, and procedures (TTPs), along with the MITRE ATT&CK framework.
Proficiency with tools such as Metasploit, Cobalt Strike, Burp Suite, Qualys, EASM platforms, and cloud-native security tools.
In-depth understanding of security baseline frameworks (e.g., CIS Benchmarks, NIST guidelines) and vulnerability management practices.
Management Skills:
Proven ability to lead and develop cybersecurity teams, including managing performance, coaching, and career development.
Strong project management and communication skills to coordinate across functions and communicate with technical and executive audiences effectively.
Key Competencies:
Soft Skills: The ideal candidate should showcase adaptability, the ability to lead effectively under pressure, and foster an innovative work environment.
Exceptional analytical and problem-solving skills with a proactive approach to improving security.
Strong ability to manage complex projects, prioritize risks, and meet deadlines.
A commitment to ethical security practices and handling of sensitive information.
Career Growth: Opportunities for progression into senior leadership roles or specialization in advanced cybersecurity domains.#J-18808-Ljbffr


Nominal Salary: To be agreed

Source: Whatjobs_Ppc

Job Function:

Requirements

Key Account Management (Fmcg/Telecommunications)

Funding Societies | Modalkuis the largest SME digital financing platform in Southeast Asia. We are licensed and registered in Singapore, Indonesia, Thailand,...


Funding Societies Group - Kuala Lumpur

Published a month ago

Operations Team Manager

Job Summary We are seeking a highly skilled and experienced Team Manager for our Digital Marketing department with a strong background in English communicati...


Cognizant - Kuala Lumpur

Published a month ago

Associate Director, Portfolio Risk

Funding Societies | Modalkuis the largest SME digital financing platform in Southeast Asia. We are licensed in Singapore, Indonesia, Thailand, and registered...


Funding Societies Group - Kuala Lumpur

Published a month ago

Manager, Project & Facilities

This job is for a Manager of Project & Facilities overseeing nationwide projects and maintenance. You might like this job because it involves planning projec...


Aeon Credit Service (M) Berhad - Kuala Lumpur

Published a month ago

Built at: 2025-01-20T03:13:13.712Z