Vulnerability Assessment - Lead

• Team Lead, senior member of team tasked with coordinating and reporting responsibility for the daily operations of the function, reports to the Senior Manager at US Office. They should be expert (Level 3) position, requiring at least 7 years relevant experience. In this role, the candidate will significantly influence overall security posture by regularly scanning systems and networks for vulnerabilities, reviewing, and prioritizing remediation guidance and reporting the results to all IT stakeholders.
• Subject-matter expertise with the Tenable.sc Vulnerability Management System (VMS) Platform
• No less than 3 years in a dedicated Vulnerability Assessment role, working directly with the Tenable.sc application (or Tenable.io, cloud-version).
• They will share expertise, thought leadership and overall guidance to ensure compliance objectives are upheld and security industry standard best practices are utilized. They will serve by example and earn the trust of the Vulnerability Assessment team, other collaborators from the Technical Risk Office (TRO), Endpoint Team and the people and healthcare entities whose assets we manage and protect.
• Must have advanced trouble shooting skills and possess the ability to identify the severity of an issue, ability to resolve issues quickly to customer satisfaction and prepare RCA or postmortem reports to stakeholders & management upon request
• Expert knowledge/understanding of Threat Analysis
• Must demonstrate expertise with handling major malware outbreaks/major incident response workflows in a large/distributed enterprise environment
• Possess excellent customer handling skills along with extensive hands-on skills in defining and creating operational/procedure documents
• Possess knowledge of ITIL processes like Incident Management, Problem Management, Configuration Management and Change Management
• Possess demonstrated excellence in verbal & written communication skills with a bias toward constant communication with all stakeholders; updating all parties regularly & escalating appropriately to management, without being prompted, to ensure superior customer service delivery.
• Plan, Coordinate, Conduct orderly product updates/upgrades (Internal planning, CAB CRs, Meetings with Downstream stakeholders (Site IT), Meetings with IT stakeholders (CorpIT, Local IT, Other TRO verticals).
• Instruct/Advise Internal SMEs effectively to ensure safe & effective product/service delivery
• Be able to understand and execute VA Manager guidance for product lifecycle management requirements.
• Be able to learn (and ensure alignment with) TRO security strategy from CISO, VMS product guidance from VA Manager, VMS strengths & limitations from VA SMEs
• Vulnerability Reporting & Enterprise-level Vulnerability Scanning Strategy (Design, Architecture, Tuning, etc.)
• This is different from being a member of a team that works with technology the ideal candidate needs to have experience designing or improving” the technology, at the Enterprise level

Required qualifications:

• Must be able to communicate effectively (verbally, in writing, in person/in remote meetings, etc.) with all levels of management & IT staff
• Security Industry Training (SANS, Offensive Sec, DOJ, etc.)
• Product/platform-specific vendor training (Tenable, Qualys, Rapid7, Cisco, etc.)
• Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering

One or more certifications for vulnerability assessment analysts: GPEN, GWAPT, GSNA, GMON, CISSP.

Candidates can share their updated CVs to rarravalli@primehealthcare.com/ mvuyyala@primehealthcare.com