An Insight Global Client is looking for a Vulnerability Risk Manager that will play an integral role in communicating and tracking institutional risk incurred from vulnerabilities to key stakeholders within the organization. The ideal candidate for this role has knowledge of and experience with the implementation of cybersecurity best practices and frameworks related to vulnerability and risk management. This role reports to the GRC Manager. This position has been designated as hybrid and work will be performed in the Atlanta, GA metropolitan area within Eastern Time (ET) Zone.
Must-haves
- Bachelor's degree and 5 years of relevant experience OR Masters and 3 years
- Experience in vulnerability management.
- Ability to obtain a secret security clearance.
- Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.
- Previous experience with vulnerability scanning, reporting, and management processes or tools.
- Hands on knowledge of application and infrastructure vulnerability scanning tools (e.g., Rapid7, Nessus, Qualys, Fortify, etc.) in complex or large organizations.
- Technical background to understand the characteristics and exploitation vectors for vulnerabilities being reported.
- Strong knowledge of Splunk, Tenable Nessus, API's, Excel and Power BI Platform for data analytics.
- Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas.
- Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership.
- Sound knowledge of common infrastructure vulnerability categorizations such as CVE, CVSS, and/or CWE.
- Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, RMF, MITRE, ATT&CK Framework, and OWASP top 10.
- Risk management expertise with ability to translate technical risks for business leaders.
-Experience judging the priority of a vulnerability based on risk and impact.
- Excellent written and verbal communication skills.
- One or more basic cybersecurity certifications such as: Security+, CEH, CND, CySA+, CCNA-Security or equivalent.
Plusses
- Active Secret clearance.
- 9 years of experience in vulnerability management
- Master's degree
- Experience leading or managing a Vulnerability Management program.
- One or more advanced cybersecurity certifications such as: CISSP, CISM, CISA, CASP, GEVA, CCNP-Security or equivalent.