Nacionalniy bank Ukrayini
We are looking for a specialist who not only performs technical tasks, but organizes, develops and manages the vulnerability management process. This is a role for a candidate (specialist) who is ready to determine the approach and strategy for the development of Vulnerability Management.Functional tasks:Regular scanning of systems, networks, applications and infrastructure for known vulnerabilities (oriented both automated scanners and - if necessary - manual testing).Analysis of scan results,
We are looking for a specialist who not only performs technical tasks, but organizes, develops and manages the vulnerability management process. This is a role for a candidate (specialist) who is ready to determine the approach and strategy for the development of Vulnerability Management.
Functional tasks:
- Regular scanning of systems, networks, applications and infrastructure for known vulnerabilities (oriented both automated scanners and - if necessary - manual testing).
- Analysis of scan results, elimination of false positives, risk assessment and prioritization of vulnerabilities for elimination taking into account probability and impact.
- Management of the full cycle of vulnerabilities — from detection to confirmation of their elimination (tracking, remediation, re-scan / verification).
- Communication with IT and other stakeholders for the implementation of security measures, patch management, system hardening.
- Preparation of reports, metrics, dashboards (KPI) for management, for audit, compliance and internal inspections.
We offer:
- Opportunity for professional development in a stable and transparent organization;
- Opportunity to be tangential to the development of the country;
- Market salary, bonuses based on performance evaluation (KPI);
- Training programs;
- Non-governmental corporate pension insurance;
- Comfortable working conditions and flexible work schedule;
- A team of like-minded people.
Our expectations from the candidate:
- Experience in managing the Vulnerability Management process — scanning, analysis, remediation 3+ years.
- Higher education in any specialty in the areas of: Software Engineering, Computer Science, Computer engineering, System analysis, Cyber security and information protection, Information systems and technologies;
- English language level not lower than B1;
- Experience with vulnerability scanning tools: for example, Nessus, Qualys, Tenable Security Center or similar.
- Knowledge of the basics of web-, network-, infrastructure-security; vulnerabilities (for example, knowledge of (CVE, CWE), web vulnerabilities, security standards).
- Ability to work with patch management, remediation automation (scripts, automation, interaction with the IT team)
- Communication skills, ability to explain risks to technical and non-technical specialists, create reports / policies / procedures.
- Analytical thinking and attention to details, strong motivation to learn and develop in the field of security;
- Ability to work in a team, responsibility, punctuality.
*In case of equal conditions regarding the matching of experience, qualifications, knowledge and skills, reliability and security of the candidate, when making a decision on the selection of candidates for vacant positions, preference provided to:
- veterans of the war in Ukraine;
- persons with disabilities;
- other categories of candidates, if this is provided for by the legislation of Ukraine.