Vulnerability Management Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the vulnerability management job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

B Kerluke

Bettie

Kerluke

919 Gerlach Square

Detroit

+1 (555) 137 3077

919 Gerlach Square

Detroit

Phone

p +1 (555) 137 3077

Experience Experience

Dallas, TX

Senior Threat Vulnerability Management

Dallas, TX

Keebler-Prohaska

Dallas, TX

Senior Threat Vulnerability Management

Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
Help build/improve an exception process to manage policy compliance deviation
Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
Working knowledge in RegEx
In-depth knowledge of network appliances (Firewalls, router & switches)
Work with technology owners to validate the policy compliance profiles
Perform policy compliance scans and deliver reports to the technology owners

Detroit, MI

Senior Manager, Vulnerability Management

Detroit, MI

Kutch LLC

Detroit, MI

Senior Manager, Vulnerability Management

Effective as an individual contributor, working in teams, building consensus, working in a matrixed environment
Background in IT development, engineering, operations, or some combination thereof
Keeps abreast of industry best practices, vendor capabilities and academic frameworks to sustain best-in-class program
3+ years working in information security
Moderate (mid-career) working proficiency across all major domains of information security
Supports the budget and resource forecasting process
Partner and collaborate with business and technology teams to provide security expertise as the business teams develop remediation solutions for security threats and vulnerabilities

present

Chicago, IL

Cybersecurity Vulnerability Management Lead

Chicago, IL

Lakin-Carroll

present

Chicago, IL

Cybersecurity Vulnerability Management Lead

present

Develop long term relationships and partnerships with other enabling teams (i.e. other firmwide technical teams)
Proactively manage relationships with stakeholders through effective communication, including interactions with EDs and MDs on a regular basis
Assimilate technical data, work with large datasets and translate into layman terms
Employ defense-in-depth principles along the kill chain to eliminate risk and vulnerabilities and improve security controls
Works with LOB representatives to ensure remediation efforts adhere to corporate policies
Provide best security practices and implementations of these concepts across complex environments
Interface with and support the work of the Cybersecurity GRC Risk and Control teams, and contribute to overall Cybersecurity GRC goals and objectives

Education Education

Bachelor’s Degree in Computer Science

Ball State University

Bachelor’s Degree in Computer Science

Skills Skills

Ability to think strategically, work with a sense of urgency and attention to detail
Demonstrated ability to be reliable and flexible
Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks
Strong interpersonal and customer skills including incident resolution, response and escalation
Flexible and adaptable in response to changing demands
Excellent written and verbal communication and organizational skills
People management experience would be an added advantage
Experience in a fast paced, high stress environment
Experience assisting the development and maintenance of tools, procedures, and documentation
Demonstrated analytical, problem solving, and prioritization skills

Create a Resume in Minutes

15 Vulnerability Management resume templates

Read our complete resume writing guides

Threat & Vulnerability Management Resume Examples & Samples

Perform daily operational monitoring, analysis and reporting of security events from multiple Security Information Monitoring tools and methods for malicious or suspicious activity
Communicate and escalate issues and incidents as required by process or management
The creation of custom scripts, alerts and processes based on security events and threats
Collaborate with CCB Cyber Security, Global Technology Infrastructure, Corporate Cyber teams, and Line of Business Information Risk Management teams for issue resolution and mitigation
Document actions taken within approved event tracking systems
Work with CCB Cyber Security teams on control testing, validation and recertification
Support innovation and enhancement efforts within the CCB Cyber Security function. Qualifications
Experience assisting the development and maintenance of tools, procedures, and documentation
Experience in a fast paced, high stress environment
Ability to think strategically, work with a sense of urgency and attention to detail
Demonstrated ability to be reliable and flexible
Demonstrated analytical, problem solving, and prioritization skills
Network, Security, or Platform certification(s) (S , N , MCSP, CNA)
CISSP or SANS GIAC GCIA certification

Vulnerability Management Lead Resume Examples & Samples

Establish a single framework that allows us to more towards one vulnerability management process which is leveraged by all assessment methodologies
Accomplish real-time security vulnerability management to identify and prioritize vulnerabilities
Respond to and address prioritized vulnerabilities

Vulnerability Management Resume Examples & Samples

Establish a Risk Management Framework that will be used to assess vulnerabilities against AOL systems to determine risk level and mitigation strategy
Plan, develop, and execute vulnerability scans of organization information systems
Analyze data from threat and vulnerability feeds and analyze data for applicability to the AOL environment
Monitor for and review vendor patches for applicability and impact to AOL network and systems
Identify and resolve false positive findings in assessment results
Manages enterprise vulnerability assessments and configuration patch and vulnerability scanning tools
Generate reports on assessment findings/patch compliance and summarize information to facilitate remediation tasks
Manage risk by analyzing technology security threats and potential impacts to the business and help define solutions to mitigate exposure by leveraging expert analytical and technical skills
Build and maintain a comprehensive process to care for all vulnerabilities that impact AOL business process
Respond to & manage remediation of prioritized vulnerabilities and unpatched systems
Develop a clear picture of the risks against our assets, business areas, brands
Provide critical analyses and information from vulnerability data which can be leveraged to enhance the security of our products
Work closely with Security Awareness contact to socialize awareness of new vulnerabilities and threats by leveraging threat alerting services and industry research
Manage tracking and remediation of vulnerabilities by leveraging agreed upon action plans and timelines with responsible technology developers and support teams

CND Vulnerability Management Lead Resume Examples & Samples

Day-to-Day management of team operations
Oversight of the vulnerability management process
Management of the vulnerability scanning process
Creation of technically detailed reports on the status of Information Assurance Vulnerability Alerts (IAVA), Information Assurance Vulnerability Bulletins (IAVABs), Host Based System Security information (HBSS), and current threats based on open source information
Provides recommendations on improving the security posture of the client’s enterprise
Assist in troubleshooting and problem solving a wide variety of client issues
Ability to maintain an active clearance
Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, professional training, or work experience
DOD 8570 Compliance, or the ability to quickly obtain the security certifications: Security+, and CEH
Minimum of ten years vulnerability management experience
Experience in the following technologies: Vulnerability Scanner, Vulnerability Management System, Host Based Security System, Patch Management, and Intrusion Detection/Prevention
Experience in developing, refining, and performing vulnerability management at an enterprise level
Ability to demonstrate strong knowledge of computer security concepts
Demonstrated ability to document processes and procedures
Initiative and a personal interest in Information Technology Security
People skills, and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA) or GIAC Certified Network Auditor
Security Operations Center (SOC) experience
Prior experience with tools such as DISA Assured Compliance Assessment Solutions (ACAS), eEye Retina and Retina Enterprise Manager (REM), DISA Vulnerability Management System (VMS) and CORE Impact
Experience United States Cyber Command guidance on vulnerability management tactics, techniques, and procedures (TTPs)
An understanding of DOD information assurance policy and regulations

Vulnerability Management Director Resume Examples & Samples

Implement the enterprise-wide strategic Attack Surface Recon program under the direction of the Sr. Director, Attack Surface Management with an emphasis on creating a mature program with established key initiatives/projects focused on the reduction of technology risk within Visa
Operate as a Subject Matter Expert within the field
Lead and develop a team of direct reports
Develop solutions and solve complex/unique problems w/ regard to Visa’s Attack Surface
Be expected to regularly make decisions that impact the implementation of plans to achieve annual goals. Decision-making is a key activity associated with this role
Develop departmental plans, including business, production and/or organizational priorities and contribute to the development of the overall Attack Surface Management functional strategy
Work with IT and business teams to develop solutions that address root causes
Enhance existing Vulnerability Management, and Security Dashboard tools and processes to extend coverage, increase effectiveness and expand capabilities
Assist in the continued development of a world class Security Single Pane of Glass for Metrics, Reporting, Workflow, and Operational use of all relevant Attack Surface information
Work with diverse IT and business teams to assist in developing solutions to remediate identified vulnerabilities and misconfigurations in a risk prioritized, effective and efficient fashion
Prioritize and implement process and tools to provide for the continuous analysis of security threat information (viruses, industry events, hackers and zero day exploits, OEM weaknesses, etc.) in order to proactively assess and investigate existing as well as emerging vulnerabilities and their potential impact to Visa
Coordinate technical aspects of vulnerability response in support of Audit, Legal, Human Resources, Corporate Security and Executives
Leadership in the continued evolution of a data model and data architecture to support the Vulnerability Management Program; devise and implement key risk indicators, metrics and reporting across all vectors with the goal of identifying current threats and Visa’s ability to defend against those threats
Possess the ability to effectively identify, evaluate and communicate new and ongoing security issues and risks to senior management
Minimum Bachelor’s Degree in Computer Science (or related field) or equivalent work experience
12-15 years of experience in Information Security with experience in vulnerability management, security configurations management, metrics and risk dashboards
Should have leadership experience of both direct and cross functional teams, as a well as possess strong technical security skills and comprehension of security and risk
Be able to manage complex projects and diverse teams of both direct and indirect reports
Familiarity with Vulnerability Management tools such as Qualys QualysGuard, nCircle IP360, McAfee Foundstone, Tenable Nessus, etc
Familiar with Policy Compliance tools such as Qualys QualysGuard, Symantec CCS, Microsoft SCM, etc
Familiar with Web Application Scanning tools such as WhiteHat, IBM Appscan, HP WebInspect, etc
Familiar with Security Single Pane of Glass implementations or frameworks such as RSA Archer, Modulo, Risk I/O, etc
Extensive knowledge and experience with diverse IT architectures and enterprise IT data centers, large scale transaction processing environments, external hosted services and cloud computing environments. Extensive knowledge and experience with physical and virtual server configurations and implementations
Extensive experience working with
Security management tools (i.e. vulnerability scanners, file integrity monitoring, configuration monitoring, etc.)
Perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.)
Extensive knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)
Knowledge of and experience with applying Common Weakness Enumeration (CWE), Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVS and Open Web Application Security Project (OWASP) processes and remediation recommendations
Strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, database and application servers, for both custom and off the shelf applications
Must be both a self-starter and team player with the ability to work independently with limited supervision
Excellent writing and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively
Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines
Security-related certifications a plus

Vulnerability Management Lead Resume Examples & Samples

Work with computer operations to define standard operating system builds and configurations and develop effective build maintenance processes
Investigate solutions to automate server build, configuration and vulnerability patching
Maintain knowledge of in-the-wild vulnerability exploitation techniques, assess risk to enterprise and prioritize remediation
Develop long term server integrity strategies and solutions
Previous management experience in global organization
Strong ability to drive change in an organization
Abilities to create and implement processes that can scale
Familiarity with good security practices and implementation of these concepts in various scenarios
Ability to craft presentations and updates for senior management

Vulnerability Management Resume Examples & Samples

Assesses Security Advisories from multiple sources
Determines appropriate CVSS scoring
Serve as a technical escalation point for VM analysts
Owns the end to end process and works with engineering on the tools to enable the remediation of cyber vulnerabilities to the Firm
Minimum of five years experience with solid and demonstrable comprehension of Information Security including vulnerability & compliance tools and processes, associated vulnerabilities, awareness of emerging threats and attacks mapped to effective controls and/or Mitigation solutions
Multiple event correlation/analysis
Solid and demonstrable comprehension of end to end Vulnerability Management to include industry standards such as CVE, CPE, CVSS
Sound awareness of leading vendor products/applications from Oracle [Java], Adobe and Microsoft to include product lifecycle & release schedules
Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, mainframe, database
Design and implementation experience of Operational process/workflow
Experience in large scale Enterprise technology environments
Experience assisting the resolution of customer escalations, incident handling, and response
Exposure to Regulatory & Audit compliance management
Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources
Previous experience with remote team management
Demonstrable strong leadership skills
Previous 24 x 7 operations experience

AVP, Vulnerability Management Resume Examples & Samples

Lead and mentor Security Analysts and Engineers in pursuit of team objectives
Manage and implement Vulnerability Management tools and processes
Partner with other technical areas where necessary to ensure the vulnerabilities are understood
Identify and integrate with asset inventories
Perform analysis of the vulnerability scan results
Identify false positives
Provide remediation recommendations
Perform scans when required; scheduled and on demand
Engage relevant service delivery teams as required
Manage issues using issue tracking tools
Assist in security incident response when required
Participate in audits and assessments, providing evidence and supporting documentation

Vulnerability Management Resume Examples & Samples

Works with multiple data sources and inventory to assess impact
Articulates exposure and coordinates Mitigation solutions
Works with Cyber Engineering and Security Operations to implement Mitigation solutions and establish monitoring
Provides constant situational awareness
Solid and demonstrable comprehension of Information Security including vulnerability & compliance tools and processes, associated vulnerabilities, awareness of emerging threats and attacks mapped to effective controls and/or Mitigation solutions
Ability to assess and mine using data with correlation and analysis
Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, mainframe, database,

Vulnerability Management SME Resume Examples & Samples

Minimum 3 year experience of working on Server OS Administration (Wintel + Unix + Linux)
Minimum 2 year experience on managing Patching / Vulnerability Management
Familiar with basic concepts of patching tools (BMC, IBM, Wsus or other)
Minimum 1 year experience on client facing roles

Senior Manager, Vulnerability Management Resume Examples & Samples

Background in IT development, engineering, operations, or some combination thereof
3+ years working in information security
5+ years working experience across IT and information security
Moderate (mid-career) working proficiency across all major domains of information security
BS or MS in Computer Science, Computer Engineering, Electrical Engineering, or related field; or BBA, MBA, or MIS and demonstrated significant prior work experience in the information security field
Demonstrated significant prior experience managing teams, projects, and/or programs
Demonstrated significant prior experience managing project scope, schedule, and cost, including basic finance, forecasting, and budgeting
Effective as an individual contributor, working in teams, building consensus, working in a matrixed environment
Effective communicator spoken, written, and visual media. Can readily distill and convey important technical concepts to less- (or non-) technical stakeholders
Able tohandle sensitive matters with the utmost discretion
Technical competence in network security, wireless security, database security, web and mobile application security, data protection, encryption, authentication, identity & access management, and the internet of things
Previous experience conducting or managing penetration tests, vulnerability scans, and the like
Previous experience with information security risk governance and vulnerability management processes
Previous knowledge of XFINITY Home and/or Comcast IT environments
Previous work on security systems or other hybrid physical / cyber security environments
Previous experience working with Comcast central information security department (IIS)

Vulnerability Management Lead-cybersecurity Resume Examples & Samples

Works with larger team to identify exposure, vulnerability assessment, and root cause of systemic issues leading to presence of vulnerabilities/hygiene issues
Configure and run automated vulnerability scanning tools, prioritize remediation, and track exceptions
Respond to and manage the results of third party server penetration tests
Develop and maintain server software inventories and manage application whitelisting solutions
Investigate, recommend and deploy virtual patching solutions
Communicate compliance issues to IT managers in an effective and appropriate manner
Report on information security metrics to demonstrate operating system integrity effectiveness and generally support Governance, Risk and Compliance activities as required
Excellent relationship/partnering skills with other enabling teams (i.e. other firm wide technical teams)
Ability to assimilate technical and voluminous data and translate into layman terms
Ability to work well under pressure and juggle multiple priorities

Cybersecurity Vulnerability Management Lead Resume Examples & Samples

Drives and coordinates timely remediation of security vulnerabilities across Line of Business functions
Works with LOB representatives to ensure remediation efforts adhere to corporate policies
Coordinates remediation of specific high visibility, critical vulnerabilities as detailed by the Service Delivery Lead
Support a wide variety of Cybersecurity initiatives within the Vulnerability Management/Risk Management arena
Utilize security / vulnerability scanning tools including Qualys and Symantec ESM
Support senior leadership enterprise-wide through both verbal and written communications
Develop long term relationships and partnerships with other enabling teams (i.e. other firmwide technical teams)
Provide strong project management efforts while able to take the initiative, work under pressure to deadlines, and to juggle multiple priorities
Provide best security practices and implementations of these concepts across complex environments
Assimilate technical data, work with large datasets and translate into layman terms
Comprehend and breakdown complex technical vulnerabilities
Communicate in a persuasive manner with diverse personnel at all levels of the organization
Experience within the Vulnerability Management/Risk Management arena
Good understanding of technology concepts across Windows, UNIX, Database (Oracle, MS SQL, Sybase) and Web
Good understanding of security / vulnerability scanning tools (eg. Qualys, Symantec ESM)
Strong project management/organizational skills
Able to take the initiative, work under pressure to deadlines, able to juggle multiple priorities
Good understanding of technology concepts
Familiarity with good security practices and implementation of these concepts across complex environments
Ability to assimilate technical data, work with large datasets and translate into layman terms
Strong attention to detail and data accuracy when undertaking data analysis
Self-motivated and operates with a high sense of urgency and a high level of integrity
Able to understand and breakdown complex problems
Current Certified Information Systems Security Professional (CISSP) or GIAC Security Essentials (GSEC) certification
Experience managing physical and/or virtual security programs on a broad scale

Enterprise Vulnerability Management Lead Resume Examples & Samples

Manage and direct contract support resources to efficiently facilitate the mitigation of system vulnerabilities
Influence system owners, IT custodians, and operations support teams to understand vulnerability impact and implement vulnerability mitigations in the most expedient manner possible
When needed, identify acceptable workarounds, solutions or exceptions to vulnerabilities that do not have straightforward mitigations (such as an OS patch or update)
Quickly discern accuracy of reported vulnerabilities disposition and when appropriate reprioritize criticality, remove false positives and work to address root cause of misaligned dispositions
Manage multiple different vulnerability mitigation projects in various states from targeted cleanup “sprints” to recurring ongoing vulnerability sweeps
Seek, share and implement best practices with the other internal business EVM leaders and potentially external industry partners
Identify and implement opportunities for continuous improvement of the EVM program
Provide thought leadership and direction on state-of-the-art EVM programs
Effectively lead, coach and mentor across all levels of workers from team members to contract resources to organizational peers to leadership to effectively bring about a world-class EVM program
Excellent communication, negotiating and influencing skills at all levels of the organization as well as with external organizations
Build a strong customer focused culture that focuses on delivering solutions in a productive, efficient manner, working across technologies and geographies
BS, BA, MSC or MBA in engineering, information technology, computer science or related technical field or equivalent
Strong, broad knowledge of enterprise platforms, enterprise systems, and enterprise client environments including but not limited to Windows, Linux, Solaris, Oracle, Apache, IIS, JBOSS, Java, Adobe, etc
Relevant professional experience leading an enterprise vulnerability management program preferably with strong hands-on technical solutions support for large and diverse user communities
Outstanding organizational, presentation & communication (oral & written) skills, fluent in English
Strong ownership and accountability with proven track record of execution
Budget & resource management experience
Hands on familiarity with network based vulnerability scanners such as Qualys and Veracode
Excellent networking skills and ability to work effectively in matrix organization
Demonstrated project ownership and accountability
Ability to learn complex systems and business processes and define requirements for solutions Self-starter & quick learner

Senior Threat Vulnerability Management Resume Examples & Samples

Responsible for defining, ratifying and maintaining a formal Threat & Vulnerability Management Program; and framework that defines the vulnerability priorities aligned with business criticality
Responsible for providing governance, guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation
Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)
Translate Technical Security Standards into policy compliance profiles in enterprise security tool
Work with technology owners to validate the policy compliance profiles
Review the policy compliance scan results with stake holders
Onboard the assets for target technologies in enterprise security tool
Create required authentication records for target technology assets in enterprise security tool
Perform policy compliance scans and deliver reports to the technology owners
Help build/improve an exception process to manage policy compliance deviation
Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response
Responsible for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures; and to manage the TVM Team to develop and update as appropriate
Be able to engage with, and manage vendor contracts related to external threat intelligence and threat mitigation services
Bachelor's Degree in Business, Management, Computer Sciences, or equivalent prior work experience in a related field
Five to seven years of experience in Qualys policy compliance and vulnerability management
Exposure to Qualys APIs
Knowledge of scripting languages like python and Perl
Understanding of CIS-Benchmark and NIST framework
Working knowledge in RegEx
In-depth knowledge of operating systems security configuration (Windows servers and workstations, AIX/Linux/Solaris, and Apple MAC)
In-depth knowledge of network appliances (Firewalls, router & switches)
In-depth knowledge of databases security configuration (Oracle, DB2, Microsoft SQL, MySQL)
Strong analytical skills (i.e., technical and non-technical problem solving skills)
Maintain certifications in an information security related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN
Outstanding oral and written communications skills. This includes the ability to make formal stand-up presentations to all levels of management, etc

Deloitte, Vulnerability Management Resume Examples & Samples

Weekly & monthly reporting of vulnerabilities and risk priorities to clients
Ensure all VM scans are kept accurate and up to date
Ensure daily, weekly and monthly checks are carried out accordingly
Ensure team mailbox and distribution lists are adequately monitored and responded to in a timely fashion
Lead and co-ordinate all client meetings to maintain weekly / monthly governance and compliance for vulnerability management
Develop and enhance the regular reporting of current vulnerabilities and associated remediation activities to key clients
Conduct regular reviews of the Vulnerability Management service to drive continual service improvement initiatives and support similar initiatives in other areas where they provide a service component
Provide insight and risk remediation advice to Patching teams
Develop APIs with vendor tools for reporting and insight
Promote active collaboration between the teams within the CIC
Maintain the relationship with the CIC’s Cyber Check vulnerability 3rd party vendor
Engage with other Deloitte member firms to mature the vulnerability management service
Be the single point of contact for vulnerability management activities in the CIC
Scan the industry for emerging best practices that would allow the CIC to improve its vulnerability management position
Have a broader perspective of potential issues encountered when managing diverse teams and the strategies to overcome them; have a clear understanding of the firm’s commitment to creating a more inclusive culture
Ability to communicate professionally and effectively in written or oral format
Ability to think analytically and solve problems
Ability to troubleshoot and resolve network/application/operating system security issues
Knowledge and experience with designing, building, supporting, and trouble-shooting vulnerability management technologies in an enterprise environment
A working knowledge of the following areas

Director of Vulnerability Management Resume Examples & Samples

Bachelor's Degree and 12+ years of experience. Master's degree preferred
Significant experience running an Information Technology vulnerability management program and working in an Information Technology vulnerability management program as lead analyst or engineer
Strong analytical skills; ability to evaluate information, rapidly break it down and arrive at meaningful conclusions
Strong communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel and third parties
Proven experience leading an IT team in the vulnerability arena
Experience with Windows or Unix Administration
Experience with vulnerability management solutions and associated GRC components
Technical understanding of IP based networks, operating systems, wireless technologies
Experience in security system design, deployment or administration
Experience with a major vulnerability management framework such as McAfee MVM, Tenable Nessus, Tripwire IP360, Rapid7 Nexpose, Qualys, IBM AppScan, HP WebInspect

Cybersecurity Vulnerability Management Resume Examples & Samples

Intake, review, and verify security advisories, vulnerability notifications, and other internally generated vulnerability information
Provide in-depth analysis of new vulnerabilities and provide recommendations for mitigation and/or remediation in partnership with other engineering and technical teams
Participate in development of operational run books and other documentation critical to day-to-day business operations
3+ years information security experience
5+ years of direct, hands-on technical experience in systems/networking administration, system engineering/architecture, security operations, or penetration testing
7+ total years working in information technology
Familiarity with vulnerability scanning tools such as Zap, BurpSuite, or Nessus
Strong understanding of a variety of technical concepts including: networking, systems administration, application security, viruses/malware behavior, and penetration testing
Ability to develop mitigation and/remediation actions based on knowledge of the vulnerability and impacted systems
Working knowledge of one or more security frameworks such as the NIST Cyber Security Framework or CIS Critical Security Controls
Superior verbal and written communication skills with the ability to understand complex problems while formally presenting them simplistically to a variety of customers
Ability to develop strong working relationships with a variety of other enabling teams

Senior Manager, Vulnerability Management Resume Examples & Samples

Lead a team to communicate known vulnerabilities and threats in the Comcast system and environments to business owners
Partner and collaborate with business and technology teams to provide security expertise as the business teams develop remediation solutions for security threats and vulnerabilities
Lead initiatives that enhance Comcast's Audit, risk and information security processes within its GRC and Analytics tools
Foster a team culture of continuous improvement, mentoring and learning, data driven decisions, and accountability for delivery of key metrics and deliverables
Keeps abreast of industry best practices, vendor capabilities and academic frameworks to sustain best-in-class program
Effectively manages Managed Security Services resources by ensuring resources are appropriately tasked and delivering against milestones. Escalates skill set issues to MSS Management and recommends corrective action
Produces complex, high-priority recurring and ad-hoc reports with the purpose of measuring progress towards goals, measuring performance against objectives, and identifying improvement opportunities in the areas of risk of compliance. Will feed this data directly into the GRC Scorecard

Dir Vulnerability Management Resume Examples & Samples

A minimum of 5+ years of experience in InfoSec or Cyber vulnerability management role, with large scale, global and complex environments similar to Nike
Proven experience setting strategy and direction for Attack Surface Reduction, Vulnerability Management organization, including configuration of assessment tools
Running of day to day operations including vulnerability assessments and remediation efforts
Generating reports on assessments findings and summarizing to facilitate remediation tasks
Recommending security controls and/or corrective actions for mitigating technical and business risk
Producing vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
Delivering multi-year roadmaps for the Attack Surface Reduction function
Leading and managing team of subject matter experts including staffing and direct daily people management
Demonstrating ability to perform independent analysis of complex problems and distill relevant findings and root causes
Managing contracts with 3rd party vendors including SOW creation, RFPs, and escalations
A broad and deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies
Experience with cyber threat intelligence handling
Strong foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and the associated impact on the organization
Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
Excellent interpersonal skills and strong verbal and written communication
8 + years of technical experience or Cyber Security
Proven management experience leading a globally diverse team
Windows, UNIX, Linux, and mobile operating systems
Programming Languages, e.g. C, C++, C#, Java, PHP, PERL
Scanning tools (e.g. Nexpose, Nessus, Qualys, McAfee, etc.)
Computer hardware, middleware, and package systemss
Web-based and mobile applications
Security frameworks (e.g. ISO 27001/27002, NIST, SOX, PCI, etc.)
Vulnerability assessment
Metasploit framework

RTB Vulnerability Management Resume Examples & Samples

Assist Risk Owners to accurately assess the likelihood and impact of technical vulnerabilities
Provide accurate and timely data for technical vulnerability reports as per approved standards and processes
Consolidate multiple sources of control gaps and vulnerabilities
Utilise the BU and Functions Information Asset Registers to and deliver a priority map for vulnerability remediation of production or disaster recovery applications and systems
Provide input to Security Solutions for the creation and update of Secure Builds and Secure Building Blocks
Management of non-compliances to Information Risk Standards and Policies for the RTB teams on security issues identified
Security qualification (CISSP or CISM preferred)
Strong relationship, communication and stakeholder management skills

Expert Vulnerability Management Lead Resume Examples & Samples

Coordinates and manages timely remediation of security vulnerabilities across a variety of technologies
Responsible for the technical direction of team members to meet quarterly milestones and objectives
Works with business representatives to ensure remediation efforts adhere to corporate standards and policies
Provides analysis of remediation actions for both point in time and post event analysis
Coordinates remediation of high visibility, critical vulnerabilities in conjunction with senior analysts or senior analyst leads
Bachelor's degree in Computer Science, Cyber Security, or related discipline; advanced degree preferred
One or more relevant technical security certifications (GIAC, CISSP, CEH etc)
12+ years of professional experience
Minimum 5 years professional experience in Information Security
Understanding of a variety of technical concepts such as: networking, systems administration, application development, application security, viruses/malware behavior, and penetration testing
Experience with business and/or data analytics with the ability to provide qualitative analysis and recommendations
Strong organizational and/or project management skills
Strong attention to detail, data accuracy, and data analysis
Current Security+, Network+ or equivalent experience. Higher level certifications such as GIAC Certified Incident Handler (GCIH) or GIAC Penetration Tester (GPEN) are strongly preferred
Experience with AWS or Azure environments
Windows Servers, Desktops, Laptops
UNIX Servers (Solaris, Red Hat Enterprise)
Network Switching and Routing (Cisco, Juniper)
Vulnerability/Port scanning solutions such as Nessus, Nmap, Guardium, Imperva, and Nexpose, Qualys, Nessus
Familiarity of TCP/IP and associated protocols

Director of Threat & Vulnerability Management Resume Examples & Samples

Information Security Threat and Vulnerability Management
Detailed knowledge of system security vulnerabilities and remediation techniques
Expert knowledge of Vulnerability Management Systems such as (Nessus Security Center, Qualys, and Nessus Cloud)
Experience with SIEM. Splunk Enterprise tool preferred
Understanding of Web application vulnerabilities
Knowledge of network topology and enterprise systems
Expert knowledge of multiple operating systems, cryptography, Linux/Ubuntu and Windows Server operating systems
Self-motivated and detail-oriented with strong technical, analytical, communication and interpersonal skills
Experience and ability to handle multiple project with tight deadlines
Minimum of 5 years of combined Information Technology and Security experience
Minimum of 5 years’ experience in an enterprise company with responsibility for vulnerability management and security incident response
Security and Technical Certification: CCNA, CISSP, CISA (preferred.)

Patch & Vulnerability Management Resume Examples & Samples

0-1+ year(s) of relevant consulting or industry experience
Demonstrated ability to write clearly, succinctly, and in a manner that appeals to a wide audience
Proficiency in word processing, spreadsheet, and presentation creation tools, as well as Internet research tools
Demonstrated strong understanding of large scale information technology systems, business processes, security regulatory risk management and security vulnerabilities
Experience in one or more of the following information security domains

Cybersecurity Vulnerability Management Lead Resume Examples & Samples

Bachelors’ degree in computer science, information systems or related field; advanced degree preferred
8+ years of overall IT experience preferred
7+ years of technology experience, ideally including experience in the Financial Services and Cybersecurity or related fields
Certified Information Security Auditor (CISA) or willingness to pursue
Strong working knowledge of operations practices in the context of Cybersecurity
Knowledge of what constitutes a cybersecurity attack and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues
Keeps technical skills current, able to contribute to in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation
Ability to develop and maintain strong partnerships with key stakeholders, and to work across diverse businesses and regions, balancing the needs of multiple organizations
Effective negotiation and influencing skills
Ability to both learn from colleagues and think outside the box

Vulnerability Management Resume Examples & Samples

1+ years of experience with vulnerability analysis and risk management
Knowledge of National Institute of Standards and Technology (NIST) SP 800-53 for unclassified systems
Ability to produce technical documents
Ability to manage multiple assignments, adjust priorities, and meet deadlines based on mission requirements
DoD 8570 IAT II or IAM II Certification
Experience with creating Standard Operating Procedures (SOPs) or similar deliverables
Ability to develop effective working relationships that improve the quality of work products
Possession of excellent oral and written technical communication skills
Top Secret clearance preferred
BA or BS degree in CS, MIS, or other related technical field
DoD 8570 IAT III or IAM III Certification

Vulnerability Management Expert Resume Examples & Samples

Create, monitor, and maintain security baselines based on industry standards
Monitor vulnerability and threat feeds that may impact Novartis Implement tuning requests from cyber security stakeholders to ensure tools are providing maximum value Coordinate security technology design with the architecture design area Liaise with other teams in information security & risk management, architecture & infrastructure management as well as business functions to ensure security technologies are in alignment with protection goals. Stay up to date with industry trends and current security practices. Recommend the implementation information security technologies that address specific risks
Fluency (written and spoken) in English
5+ years of working experience, 3 of those years with Information Security management Demonstrated experience deploying security technologies at large corporations Experience in reporting to and communicating with management (with and without IT background, with and without in depth risk management background) on information risk topics Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences, and to audiences with a risk management profile as well as those with a less outspoken risk management profile. Excellent understanding and knowledge of general IT application technology, systems and management processes Experience designing IT services, working closely with vendors and making full use of their capabilities Proven experience to initiate and manage projects that will affect other divisions, departments

Threat & Vulnerability Management Assosiate Resume Examples & Samples

Ability to work under pressure and to tight timescales
A detailed understanding of, and experience in, IT security
Candidates should be self-directed, innovative, proactive, pragmatic and highly motivated
Detailed Windows/*nix operating system knowledge
Technical understanding of security products such as firewalls, IDS, and security aspects of underlying operating systems
Appreciation of trends in IT security
Good understanding of OWASP Top 10
System Administration skills
Programming/coding Skills
Broad interest in Security
Able to think outside the box
Basic Presentation skills
Hands-on support in Projects

Cybersecurity Vulnerability Management Resume Examples & Samples

Function as the primary point of contact in-region for Vulnerability Management and work directly with the Regional Chief Information Security Officer
Directly manage a team of 2-4 analysts responsible for a variety of tasks including vulnerability advisory management, metrics and analytics, and root cause analysis
Provide in-depth analysis of new vulnerabilities and provide recommendations for mitigation and/or remediation in partnership with engineering and technical teams
Provide operational support and guidance to Global Cybersecurity teams related to vulnerabilities and vulnerability management
Develop metrics and analytics on several different types of data related to vulnerability management such as asset inventory, vulnerability scan data, and application security scan data
Direct experience with conducting data analytics and conducting root cause analysis based on the data

Threat & Vulnerability Management Resume Examples & Samples

Hardening Guidelines: Ensures that for all relevant appropriate hardening guidelines are available and adopted to ABB security needs. Works together with the service providers to ensure that the hardening guidelines are implemented
Assessment Report Management: Defines the report format, reviews the security configuration reports from the providers, triggers timely provision of reports, requests changes updates etc. Reviews and checks completeness of reporting results and also quality of the provider reports
Deviation Management and Exception Hardening: Assesses the reports and risk assesses deviations from expected configuration. Maintains a database of deviations and accepted exceptions
Exception Handling: Reviews exception and manages escalation of unaccepted deviations. Works with service providers and InfoSec Risk Management in cases of different assessments of risk
Communication: Communicates deviation to the relevant organizations for mitigation and also exceptions to all relevant bodies
Management Reporting: Reports the security status in terms of security configuration to the relevant bodies (i.e. InfoSec Management, Service Management)
Others: On-boarding of new applications, systems, service providers etc. Integration of new service providers into the Security Configuration Management processes and activities
Associates degree and 7 years of IT focus experience with a minimum of 2 years information security experience
In-depth security configuration knowledge of two or more of the following: Windows Server OS, Linux Server OS, Cisco iOS, SAP, AIX, SQL, Oracle Databases, or IaaS cloud solutions
In-depth knowledge of security configuration baseline documentation such as Center for Internet Security- Security Benchmarks, US Defense Information Systems Agency - Security Technical Implementation Guides, or SANS Top 20 Critical Security Controls
In-depth knowledge of ISO 27001/27002 Certification for ISMS, Sarbanes Oxley (SOX) Compliance, and international data privacy laws
Quick learner who has a bias for action, self-directed, and decisive
Good English language skills (spoken and written)
Ability to communicate ABB compliance requirements to technical and business stakeholders
Good management skills for interaction with service provider and internal organization
Team player & multicultural sensitivity
Knowledge of security auditing and vulnerability assessment tools such as RSA Archer, QualysGuard, FireEye Retina, Onapsis, or Rapid 7-Compliance
Knowledge of security auditing and vulnerability assessment techniques & methodologies
Desired Information Security Certifications such as CASP, CCNA Security, CCSP, CISA, CISSP, or CISM
Experience in working in outsourced environments

Vulnerability Management Lead Resume Examples & Samples

Update and maintain the SOPs for the Vulnerability Management Program
Manage the ACAS implementation
Conduct vulnerability auditing on 100% of DSS Information Systems with the DISA Assured Compliance Assessment Solution (ACAS), current vulnerability auditing solution, or a combination of solutions. Weekly audits will be delivered to the system owners and on demand audits will be performed on devices not accessible during automated vulnerability audits on all DSS enclaves
Maintain compliance to the standards set by the DISA Filed Security Operations Command Cyber Readiness Inspectors (CCRI) and Certification and Accreditation and all applicable DOD inspection programs
Develop and maintain a dashboard on DSS CND SharePoint with current vulnerabilities, IAVMs on DSS computing devices. Include associated ACAS plugins, suspense dates, POAM status, system owners, percentage of compliance, and status
Develop and maintain a dashboard with the current Security Requirements Guides (SRG) and Security Technical Implementation Guides (STIG) and implementation status on DSS environment. Include associated vulnerabilities, suspense dates, POAM status, system owners, percentage of compliance, and status
Conduct monthly audits to include but not limited to STIG-SRG, SCAP, and all system vulnerabilities in compliance with mandated DOD directives
Conduct and report daily audits in support of identity assurance in order to validate user accounts, computer accounts, privileged accounts, system accounts, and report any anomalies to Incident Responders
Coordinate the assessment of vulnerabilities with system owners
Provide detail vulnerability reports
Assist other team members with developing mitigation plans
Support system administrators with resolution of vulnerability findings
9 years’ of Cyber Security experience (7 Years’ with a Master’s degree) with a Bachelor’s degree in a technical specialty: cyber security, computer science, or similar field. We may consider four (4) additional years of relevant experience in lieu of a degree
At least 4 years of experience successfully managing a Vulnerability Management in a DoD environment
At least 5 years of relevant experience working with a combination of ACAS, SRG, CCRI, STIGs, IAVMs
Experience with Cyber security policies, operations, and reporting requirements
Experience performing vulnerability audits and assessments
IAT-I, II or III IA Baseline Certification (SEC+, CISSP, etc.)
CND IA Auditor Baseline Certification: (CEH, CISA, GSNA)
Computing Environment or OS Certificate
Security+ CE certification
Must possess an active/current TS/SCI clearance
CEH certification
CCNA certification
Familiar with any of the following: Akamai, Splunk, Cisco, McAfee, SCAP, ACAST, F5