CGI Group, Inc.
Position Description:
If you‘re ahead of the game on systems risk and cyber security, we can secure your career ambitions.
At CGI, our Operational Security Consultants are trusted to work closely with a wide range of clients on exciting projects with real-world purpose and impact.
The CGI Vulnerability Analyst team is seeking an experienced Vulnerability Management (VM) Specialist to join our growing team. The Vulnerability Management Specialist will be a direct report to the Director for the area and have responsibility for execution of the vulnerability management program. This is one of the most critical roles on the Operations team, as this role has the authority and capability to drastically reduce the risk of exploitation through the reduction of open vulnerabilities. We are looking for a specialist to be able to review client estates from scan outputs, review the risk/impact and be able to present findings to the client on a regular basis, being able to articulate the best way forward with regards to remediation, outages and risk acceptance.
This role can be worked remotely from anywhere in the UK, though there will be some occasional (expensed) travel to CGI/Client Offices as necessary and all applicants must hold or be prepared to undergo National Security Vetting (NSV) Security Check (SC) level.
Your future duties and responsibilities:
• Regularly engaging with Operational Security managers and business partners on the state of Vulnerability Management and specific programs/areas and the progress of related strategic initiatives
• Further enhancing CGI‘s VM risk-based remediation prioritisation approach to addressing vulnerabilities
• Engaging with Enterprise Vulnerability Management (EVM) Team to understand enterprise enumeration, vulnerability assessment and remediation capabilities, and drive increased maturity in this space
• Supporting local and enterprise efforts to improve effectiveness/efficiency of VM tools (Virtual Machines), process, procedures
• Project management and organisational skills, specifically managing multiple, concurrent projects
• Create and maintain effective documentation of policies, processes, and procedures
• Apply published methodologies and enforce program standards based on industry best practice
• Proactively provide status and concerns that may impact the execution of assigned project and/or tasks
• Problem solve and perform necessary research to identify additional options/solutions
• Assist with program development and implementation
• Manage and report upon the status of assigned projects and/or deliverables
• Support the initiatives and deliverables of the GTO department
• Identify and help implement areas for improvement ( , automation) to increase visibility and coverage; and to further reduce risk
• Drive strategies to reduce vulnerabilities and manage programs to track and reduce control violations
• Review, monitor and enable alignment to internal security policies & standards requirements
• Identify and establish process improvements, automation and innovation opportunities to simplify, standardise and improve processes
• Manage risk acceptance and documenting
• Liaise with the Vulnerability Analyst team
Required qualifications to be successful in this role:
This role requires the ability to work in a dynamic, fast paced environment with limited direction and change oriented where the individual actively defines process improvements, champions and drives change initiatives, confronts difficult circumstances in creative ways, balances multiple and competing priorities and executes accordingly:
• Strong leadership skills and demonstrated ability to support cross functional team
• Strong interpersonal, written, and oral communication skills
• Highly self-motivated and directed professional, with keen attention to detail
• Excellent analytical, pragmatic problem-solving and decision-making abilities
• Able to effectively prioritise tasks in a high-pressure environment
• Expertise working in a team-oriented, collaborative environment
• Must have situational awareness and adjust conversations and approach based on audience
• Demonstrated customer service and solution-focused orientation
• Demonstrated client presentation experience
Basic Skills Qualifications:
• Expertise in vulnerability management or other operational/tactical information security role ( penetration testing)
• Expertise working with enterprise vulnerability management software/appliances – preferably Qualys
• Comprehensive understanding of the best practices and guidance for vulnerability and risk management
• Expertise in tailoring vulnerability risk ratings based on organisations environment/external threat
• Ability to interpret technical reports on vulnerabilities, exploits, and malware
• Capable of troubleshooting scanner failures at a network and application level
• Expertise in Project Management and any applicable certification (Prince 2 or similar) would be beneficial
• Successful at communicating and reporting on risk to multiple levels across the organisation
Required Education:
• Bachelor‘s in Information Technology, Computer Science, Cyber Security or Information Security (or equivalent work or military experience)
• GIAC GCIA, GCIH, GCFA or comparable certifications are highly beneficial
Preferred Education:
• Master‘s in Information Technology, Computer Science, Cyber Security or Information Security (or equivalent work or military expertise)
Skills:
Leadership
Security Administration
Vulnerability Management(IAVM)
Vulnerability Mgmt System(VMS)
What you can expect from us:
Insights you can act on
While technology is at the heart of our clients‘ digital transformation, we understand that people are at the heart of business success.
When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees ‘members‘ because they are CGI shareholders and owners, and, as owners, we enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today-one of the world‘s largest independent providers of IT and business consulting services.
At CGI, we recognize the richness that diversity brings. We strive to create a work culture where everyone belongs, and we collaborate with clients in building more inclusive communities. As an equal opportunity employer, we empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.
Ready to become part of our success story? Join CGI-where your ideas and actions make a difference.
To apply for this job please visit uk.whatjobs.com.