HR-Line
Job title:
(Cybersecurity) Vulnerability Assesment Analyst (Secret)
Company:
HR-Line
Job description
Company description: HRO Digital is a specialist traditional recruitment business. HRO Digital is a brand of Verita HR Polska.
Verita HR Polska is a Human Resources service provider operating under number 5694.
We are working as a recruitment provider searching on our Client’s behalf for a person in the following role:(Cybersecurity) Vulnerability Assesment Analyst (Secret)Responsibilities: – Assessments of all newly discovered vulnerabilities
– Reviewing of several repositories to identify the secret data types and sensitive information.
– Monitoring external threat feeds to identify any newly reported external risks.
– Managing the review of assigned JIRA tickets, determining potential false positive and/ or mitigation on approaches, and providing expert guidance/ advice on remediation.
– Ensuring all patterns identified for remediation and/ or false positive identification, Temp fix reviews are clearly documented within the central tools and applied across the companys identified threat estate.
– Identify critical paths of operation and ensure that they are followed to provide the most streamlined and efficient method of operating.
– Clear accountability of the Vulnerability Assessment and Response key control indicators and key risk indicators.
Supporting Imminent threat review sessions, and deputising for the chair when required.
– Engaging with the Head of VM Ops, Reports, Vulnerability Capture, and relevant team members to review and gain approval for submissions and ensure information requests are aligned with the group risk appetite providing the expected responses.
– Adhoc tasks as required; handling escalations and requests from any team or angle.Requirements: – Proficient with Vulnerability management technologies and their applications (e.g., SAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.),
– Strong Knowledge of OWASP concepts and CVE, CWE’s, Cryptography.
– Vulnerability assessments, scoring and ratings and how they are applied.
– Knowledge and Hands on experience of Dynamic Application Security Testing (DAST) & SAST.
– A solid understanding of Secrets Management and Secret data types.
– Programming skills and knowledge of programming languages like Python, Java
– Knowledge about common threats and attacks.
– Understanding of security protocols and standards.
– Strong analytical skills to enable risk assessments of vulnerabilities to be executed in a timely manner.
– Self-motivated and possessing of a high sense of urgency and personal integrity.
– Process orientated, outstanding organizational skills.
– Knowledge of GitHub, Stash and Data Platforms
– Proven track record on delivering activities on time to a high standard.
– 4+ years of experience in application securityThe offer: – Fast changing and exciting specialized area within cyber security
– Employees’ benefits: Multisport Card, private medical care
– Realistic career progression opportunities in an international organization
– Casual dress code
– Cultural exchange
– 1 day/week from Cracow officePaństwo: PolandMiasto: CracowWażne do: 31/10/2024
Expected salary
Location
Kraków, małopolskie
Job date
Wed, 07 Aug 2024 00:08:16 GMT
To help us track our recruitment effort, please indicate in your email/cover letter where (vacanciesineu.com) you saw this job posting.