Vulnerability Management Innovation Lead - Cloud SME
Company: Disability Solutions
Location: Denver
Posted on: April 20, 2024
|
|
Job Description:
Job Description:At Bank of America, we are guided by a common
purpose to help make financial lives better through the power of
every connection. Responsible Growth is how we run our company and
how we deliver for our clients, teammates, communities and
shareholders every day.One of the keys to driving Responsible
Growth is being a great place to work for our teammates around the
world. We're devoted to being a diverse and inclusive workplace for
everyone. We hire individuals with a broad range of backgrounds and
experiences and invest heavily in our teammates and their families
by offering competitive benefits to support their physical,
emotional, and financial well-being.Bank of America believes both
in the importance of working together and offering flexibility to
our employees. We use a multi-faceted approach for flexibility,
depending on the various roles in our organization.Vulnerability
Management Innovation Lead - Cloud SMEThe Vulnerability Management
Innovation Lead supports all Vulnerability Analysis (VA) & rating
activities by leveraging analytical and technical skills to provide
guidance and leadership to modernize the VA program. As a key
leader and team member you will provide comprehensive solutions to
complex problems, lead major projects, and influence the strategic
direction of the organization. This role will be primarily focused
on vulnerability/configuration analysis and management for public
and private cloud infrastructure.To be successful in this role the
candidate will need to be an effective communicator frequently
switching between technical & non-technical partners. Candidates
will need to be able to influence partners to deliver changes. This
person should be able to work with limited direction and
effectively bring people together to design and implement
solutions.Required Skills: --- 7+ years' experience in cyber
security--- Experience in vulnerability and configuration
management for cloud infrastructure, including Azure and AWS---
Ability to work independently on initiatives with little
oversight--- Ability to proactively anticipate problems and execute
solutions at a strategic level--- Excellent analytical
skills/problem solving/conceptual thinking--- Understanding of risk
assessment methodologies--- Knowledge of vulnerability attack
methods, exploit results, attack chains--- Knowledge of industry
standard scoring models such as CVSS, CCSS--- Knowledge of industry
standard data models such as CPE and data normalization tools---
Must be able to critically examine an organization and application
through the perspective of a threat actor and articulate risk in
clear, precise terms to technical and non-technical
audience.Desired Skills--- Leveraging NIST SP-800 (specifically
800-30) for prioritizing risk--- Operationalizing MITRE Attack &
TTPs in vulnerability prioritization--- Experience conducting
vulnerability assessments, code reviews and penetration tests
against system and application technologies, services, platforms
and languages to find flaws and exploits (e.g., SQL Injection,
Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking,
Authentication/Authorization, Privilege Escalation, Business Logic
Bypass)--- Strong familiarity with OWASP Top 10 vulnerabilities,
SANS 25, MITRE, and CWEs--- Experience in conducting vulnerability
scans.--- Experience in performing data analytics to communicate
impact analysis of process changeThis job will be open and
accepting applications for a minimum of seven days from the date it
was posted.Shift:1st shift (United States of America)Hours Per
Week: 40
Keywords: Disability Solutions, Commerce City , Vulnerability Management Innovation Lead - Cloud SME, Executive , Denver, Colorado
Click
here to apply!
|