Vulnerability Management Analyst /Sr. Analyst
On-site Cairo, Cairo Governorate, Egypt 0036
Description
1. Manage & operate the vulnerability scanning and application scanning tools and ensure that it is properly functioning all the time.
2. Coordinate with the respective stakeholders to conduct regular network scans (active and/or passive) to identify security gaps and vulnerabilities across all the bank’s critical assets.
3. Run scheduled vulnerability scans using the provided tools and identify areas of vulnerability that need remediation to ensure on-going remediation of the vulnerabilities technology environment across its different layers.
4. Communicate with the respective stakeholders within IT group to ensure remediation of the open gaps/vulnerabilities within the identified periods based on criticality.
5. Report exceptions on the vulnerability remediation activities for further escalation to ensure proper closure, and ensure reporting outstanding vulnerabilities to cyber security management team for initial risk assessment and reporting to Security & Technology Risk Management.
6. Maintain a tracking mechanism for all vulnerability management related issues, and other security assessments, testing and validations in a structured mechanism to ensure regular reporting and tracking of action items until closure.
7. Liaise with Security Operations Center team to ensure conducting vulnerability scans based on threat intelligence/threat hunting reports, compliance standards and other regulations / mandates as applicable.
8. Maintain all needed documentation supporting security Vulnerability & compliance requirements, and audit issues to ensure on-going tracking and documentation.
9. Monitor the developed compliance use cases to support the different security controls and compliance requirements and communicate violations to the relevant teams.
10. Maintain the standard operating procedures (SOP), for the different compliance processes and ensure proper adherence to the set SLA.
11. Follow all relevant department policies, processes, standard operating procedures and instructions so that work is carried out in a controlled and consistent manner.
12. Follow the day-to-day operations related to own jobs in the Information Security Management department to ensure continuity of work.
Requirements
o Bachelor’s degree of Engineering, Computer Science, Information Security or equivalent.
o Minimum 2 – 4 years of experience in IT, Security or related fields
Recommended Certifications
o Certified PCI-DSS Professional
o EC Council – CEH
Skills
o Good command of English and Arabic language
o Good Communication skills
o Good Analytical skills
o Good Time management
o Good Teamwork Spirit
