Vulnerability Management Analyst

Posted:
12/11/2024, 8:08:38 PM

Location(s):
Kowloon, Hong Kong, China ⋅ Hong Kong, China

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
Software Engineering

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

This role requires a deep understanding of cybersecurity & Vulnerability management principles, strong analytical skills, and the ability to communicate complex technical information to both technical and non-technical stakeholders.

Major Accountabilities

  • Review regularly the vulnerability scans and penetration tests conducted by central teams across network systems, applications, and devices
  • Analyze scan results to identify and prioritize vulnerabilities based on risk level
  • Develop and implement remediation plans to address identified vulnerabilities
  • Coordinate with IT and development teams to ensure timely patching and mitigation of security issues as per the patching timelines defined within the organization.  
  • Stay up to date on the latest security threats and vulnerabilities released in the market and assess the impact to the organization
  • Provide regular reporting on vulnerability status and trends to leadership highlighting the actions required on priority with trending and next steps where immediate attention is required.
  • Maintain vulnerability management tools and processes
  • Assist in developing security policies and best practices
  • Participate in incident response activities as needed

Specialized knowledge

  • Experience with cloud environments (AWS, Azure, GCP)
  • Knowledge of DevSecOps practices and tools
  • Scripting/programming skills (e.g. Python, PowerShell)
  • Experience in a large enterprise environment

Education and experience

  • Bachelor's degree in Computer Science, Information Security, or related field
  • 5+ years of experience in vulnerability management or related cybersecurity role
  • In-depth knowledge of vulnerability scanning tools (e.g. Nessus, Qualys, Rapid7)
  • Strong understanding of networking protocols, operating systems, and web technologies
  • Familiarity with regulatory compliance standards (e.g. PCI DSS, HIPAA, SOX)
  • Relevant certifications such as CEH, CISSP, GPEN, or equivalent
  • Excellent analytical and problem-solving skills
  • Strong written and verbal communication abilities
  • Ability to work independently and as part of a team

Job Category:

IT - Technology Services

Posting End Date:

30/03/2025