- Strong experience in deep security, data and operational experience to lead global Attack Surface Reduction (ASR).
- Identification of security exposures within the organizations systems (server and desktop), applications and networks.
- Consistent record of executing security vulnerability strategies and significantly driving down exposure within large, complex environments.
- You will lead a large, multinational team in the execution of this function, and will liaise with asset owners within infrastructure and application delivery organizations to drive remediation of discovered exposures.
- You will have the opportunity to drive a radical redesign of the ASR capability that is currently in its infancy, transitioning the ASR capability from a legacy vulnerability management and secure configuration management function to a holistic platform and program for ingesting, analyzing and driving the remediation of security exposures and control gaps within current environment.
- You will work directly with business partners, application teams and infrastructure providers to drive the remediation of discovered exposures.
- This role will represent Technology Security Services as APAC regional lead, handling local partners and government regulators.
- You have deep understanding of and experience with computer system vulnerability concepts and frameworks such as CVE/CPE/CWE, as well as platforms such as Qualys, Tripwire, Tanium and Tripwire
- You have familiarity and successful history of delivery using data platforms such as Hadoop, Splunk and Tableau, as well as constructing data pipelines using platforms such as Kafka
- You have experience with and successful utilization of enterprise workflow platforms (ServiceNOW) and specifically integration with the above-mentioned technologies
- You have experience leading large multinational teams in the delivery and execution of complex solutions in computing, data processing systems and/or information security
- You have experience with agile delivery methodologies
- You have good experience in senior level internal/external partner management and deep knowledge in information security and cyber security.
- You have the ability to lead and handle security incidents, which will include those outside the scope of the ASR function specifically.
Didn’t find the job appropriate? Report this Job