Vulnerability Remediation Manager, Security Testing Service
Capital One
full-time
Posted on:
Location Type: Office
Location: McLean • New York • Texas • United States
Visit company websiteExplore more
Salary
💰 $147,100 - $201,400 per year
Tech Stack
About the role
- Serve as an Cyber Security Remediation subject matter expert
- Collaborate with a team of Information Security professionals to provide subject matter expertise to business project & engineering teams
- Evaluate the status of Cyber control programs through analysis of information security metrics
- Articulate operations, compliance, and cybersecurity objectives for business leadership to inform prioritized risk reduction
- Effectively communicate the impact of operations, compliance, and cybersecurity gaps to multiple audiences, encouraging remediation activities to enhance their cybersecurity posture
- Lead activities in response to large-scale enterprise remediation efforts
Requirements
- High School Diploma, GED, or equivalent certification
- At least 4 years of experience with vulnerability identification and management
- At least 4 years of experience with IT operations
- At least 4 years of experience with technology or cyber security risk management frameworks
- CISSP, CEH, AWS Cloud Practitioner or AWS Certified Solutions Architect Associate certification (preferred)
- Experience with monitoring, gathering, and assessing artifacts as part of continuous security monitoring (C&A, PO&AM, NIST 800-37)
- Experience in operational compliance or IT audit
- Experience as a Systems Administrator or Network Administrator
- Experience with Static and Dynamic Application Security Testing, scanning tools and processes
- Experience utilizing Agile methodologies
Benefits
- Health insurance
- 401(k) matching
- Performance based incentive compensation
- Comprehensive competitive benefits
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
vulnerability identificationvulnerability managementIT operationscyber security risk management frameworksStatic Application Security TestingDynamic Application Security Testingscanning toolsAgile methodologiescontinuous security monitoringoperational compliance
Soft Skills
communicationcollaborationleadershipanalysisarticulationrisk reductionencouragementexpertise
Certifications
CISSPCEH