UST
Website:
ust.com
Job details:
Role Description
Vulnerability Scanning SME:
Big Bank Funding. FinTech Thinking.
Our Technology teams work closely with global businesses to help design and build digital services that allow our millions of customers around the world; to bank quickly, simply and securely. We also run and manage our IT infrastructure, data-centres and core banking systems that power the world s leading international bank.
Our multi-disciplined Technology teams include amongst others: DevSecOps engineers, technology operational teams, IT architects, front and back-end developers, infrastructure/cloud specialists, cybersecurity experts, Control Owners, and delivery teams (inc. project and programme managers).
Following extensive investment across our Technology and Digital domains and with plans for continued expansion throughout 2023 and beyond, we are currently seeking a Vulnerability Capture SME to join the Cybersecurity team within the Global Technology team.
Brief Overview Of The Business Areas
Cybersecurity is responsible for enabling businesses and functions to manage their information, technology and cybersecurity risks by ensuring these are well-understood, and that controls used to manage such events are defined, assessed, proportionate and operating appropriately. Cybersecurity delivers this via objective, independent, professional and specialized subject matter expertise.
The Cybersecurity Assessment and Testing (CSAT) function, part of Global Cybersecurity, is accountable for Vulnerability Management, Secure Development (including. DevSecOps), Threat and Controls Assessment (threat modelling), Cloud Security and Third-Party Cybersecurity Assessment. The function drives the identification, capture, assessment, testing and ultimately the remediation of security defects, gaps and vulnerabilities across estate in concert with business and technology teams- on premise, within the Cloud and for those resulting from third party engagements.
The
Vulnerability Scanning Subject Matter Expert (SME) will be a key part of the Vulnerability capture team, reporting to the Global Head of Vulnerability Capture. They will, closely collaborate with peers across Cybersecurity and the business development teams to enable the rapid discovery of vulnerability across the global network, thereby reducing the risk by enabling early identification and remediation of security vulnerabilities.
What You Will Be Doing
Perform scheduled and/ or on demand infrastructure vulnerability scanning using both Network and Agent based scans in a large environment.
Triage and addressing of issues which arise from scanning and assessments.
Communication of analysis and validation of scan/ assessment results to stakeholders.
Configure, maintain, operate vulnerability management industry standard tools as well as identifying/ implementing new innovative solutions.
Partnering with global teams and third-party service providers.
What You Will Bring To The Role
Expert knowledge of vulnerability assessment tools e.g. Tenable SecurityCenter, Qualys.
Excellent critical thinking, analytical and problem-solving skills; with exceptional written and verbal communication skills.
Strong team player and collaborative worker.
Understanding Of
- One or more Cloud platforms and cloud vulnerability assessment approaches i.e. Ali Cloud, AWS, GCP, Azure
- End to end vulnerability assessment processes.
- Network and Agent vulnerability scanning in a large environment.
- Industry frameworks and best practices: CIS Critical Security Controls, Threat Modelling, OWASP, NIST 800 Series.
- Operating systems, network protocols, and application development.
Exposure to scripting or programming languages (e.g Python, C+, or PowerShell).
High level of integrity and strong ethical values.
Resilient and self driven, capable of informing and driving change and delivering high-quality outcomes, whilst often under pressure/ at pace.
Come Power a Business that Defines How to Power the World
As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why client is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation.
We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies.
As an employee, you will have access to tailored professional development opportunities and a competitive pay and benefits package.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Skills
vulnerability management,cis critical security controls,cloud platforms,vulnerability scanning,cloud security,cybersecurity,threat modeling,cloud,end to end vulnerability assessment
Click on Apply to know more.