Sr. Vulnerability Management Analyst
- Provide analysis of threats to the environment, understanding of risks and mitigating controls, priotitization and coordination of resulting actions.
- Monitor and align information security objectives to external regulations
- Monitor for and review vulnerabilities for impact to systems and network
- Production of metrics and reporting; risk, capabilities, dashboard, compliance
- Definition and maintenance of operational model; Global playbook, Stakeholders, RASCI, escalation paths and risk reporting
- Interact, collaborate, and coordinate with vulnerability management tool vendors and intelligence sources.
- Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to the computing environment and communicating applicable vulnerabilities and recommended corrective actions to impacted teams.
- Lead enterprise Vulnerability Management programs; mission critical applications and vulnerabilities, ownership, access, and classification. Gap analysis; current to goal state, benchmarking against peers, industry and regulations
- Bridge gaps and influence change when and where needed
- Responsible for strategy and operations related to detecting and mitigating security vulnerabilities
- Help enhance the long term vulnerability management strategy that will encompass shifting technologies and address information security needs
- Develop alignment strategies for configuration base lines and interoperations for vulnerability management into broader IT processes.
- Bachelor’s degree or equivalent I/T experience considered in lieu of degree.
- 8 + years of broad I/T experience.
- 4 + years of broad I/T security experience.
- Previous experience with compliance frameworks, their implementations and driving an organization to adhere both to compliance requirements and appropriate security standards.
- Strong knowledge on Vulnerability Management & remediation of OS, App, Network & DB vulnerabilities.Strong knowledge of industry standards regarding vulnerability management including Common Vulnerability Scoring System (CVSS), Common Vulnerability and Exposures (CVE).
- Ability to learn on the fly, manage through systems and common processes, and have sufficient overall intellectual horsepower to address the demands of the team.
- Exceptional teaming skills encompassing cross-functional teams, peer relationships, informing, and understanding and appreciating differences.
- Excellent communication skills encompassing inter-personal communications, persuasion and influencing skills, security communications in business terminology.
- Effective communication with senior leadership and medium to large audience discussions/presentations.
- Strong conceptual understanding of application & vulnerability management as applied to business processes
- Proven record of high performance in problem solving, collaborating, planning/priority setting, timely decision making, perseverance, and a drive for results.
- Very strong interpersonal skills in terms of effective listening, patience, composure, and conflict management.
- Ability to travel 5% - 10% (domestic and international)
- CISSP/CISA/CISM or equivalent security certification
- Vulnerability Management tools (e.g. Tenable, e.g. Qualys, e.g. McAfee, etc.)
- Knowledge / experience in developing secure code.
- Experience working with outsourced operational teams.
- Experience working in an ICS environment (control systems within the plant)
Linkedin Job Matcher
Find where you fit in at Cargill. Log in to connect your LinkedIn profile and we’ll use your skills and experience to search the jobs that might be right for you.
The Cargill Cocoa Promise is committed to securing a thriving cocoa sector for generations.
Our inclusive culture helps us shape the future of the world.
Discover how you can achieve your higher purpose with a career at Cargill.