Vulnerability Management Analyst

Abonnez-vous au flux RSS
Interface de l’imprimante
Titre du poste :
Vulnerability Management Analyst
No du poste :
J0520-0167
Type de poste :
Permanent, temps plein
Division :
TI/SI
Region :
Ontario
Langue d'affichage :
E
Catégorie de poste :
Technologie de l'information
Nombre de postes :
1
Date de clôture :
14/08/2020

Pour aller de l'avant

RSA is one of the world’s leading multinational insurance groups with over 300 years of experience and over 20 million customers worldwide.

Our people are committed to building a dynamic internal culture where our people love what they do and feel motivated to keep things moving – for customers, for their colleagues and as part of their own growth and development.

In RSA, employing positive people is how we achieve success. You will be working in an environment that encourages you to do great work and you constantly will be faced with fresh challenges that have a direct impact on our business. We believe your personality and passion will keep RSA and our business moving forward.

At RSA we have a culture that supports and rewards high performance with a competitive reward policy for top performers. Our rewards package includes competitive compensation, work / life balance, opportunities to learn and the chance to make a difference working for a worldwide industry leader.

At RSA Canada, our purpose is to Make Life Better Together and we do that every day through our commitments to our people, our customers and our partners. We are committed to fostering an inclusive, fair, and accessible environment where every team member has the opportunity to reach their full potential and where everyone feels comfortable being their true selves. We hire on the basis of merit and we are committed to inclusive, barrier-free recruitment and selection processes, as well as equal access to training and promotion opportunities.

Aperçu du poste :

We are growing in our Security Operations team! The Vulnerability Management Analyst position is key in the business modernization and replatforming activities currently under way at RSA Canada, where you will have the opportunity to be a part of a total reshaping of the way we address cyber security.
Reporting to the Director, Security Operations, the Vulnerability Management Analyst will be responsible for conducting, reviewing and interpreting vulnerability assessments. The successful individual will collaborate with stakeholders to ensure vulnerabilities are understood and remediated promptly. In addition, as a senior security professional you will analyze data from Information Technology and Cyber Security defense tools and will develop processes in conjunction with other departments.
We are passionate about our customers, our employees and work life balance. At the moment the role is remote with expectation to be in the office in the near future with ability to work from home.

Votre profil personnel

Your enthusiasm is infectious. You challenge the status quo. You find solutions to problems. You go the extra mile to exceed customers’ expectations. You get things done the right way. You represent our brand with passion and pride. You are a team player. You have fun and you make work fun for those working around you.

Vos objectifs pour ce poste

• Conduct network, system, application vulnerability assessments and documentation of corrective/remediation actions
• Drive the end-to-end vulnerability lifecycle from discovery to closure
• Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of RSA’s information assets
• Identify and prioritize all vulnerabilities in RSA’s environments and provide timely vulnerability assessment reports to key stakeholders
• Co-ordinates and responds to security penetration testing and the management of vulnerabilities
• Ensure timely follow up with patch management and vulnerability remediation in coordination with support teams
• Work with technical teams to coordinate, conduct, and tune network and system vulnerability scans prior to deployment and when those systems are modified within pre-production and production environments
• Develop and report enterprise-level metrics for vulnerabilities and remediation progress
• Understand, demonstrate, and educate stakeholders on the real-world impact of threats and vulnerability exploitation in a given environment

Ce que vous apportez à ce poste

• 5+ years of Security Operation experience of which minimum 2 years of experience in one of the following areas: Network vulnerability assessments or application security testing in a large organization
• Direct experience with multiple Application Security Tools (SAST, DAST, SCA) and the integration into the SDLC via CI Automation and Integration with CI/CD tools such as Ansible, Chef, Puppet, Jenkins, GitLab
• Experience conducting web application and code security testing for all systems and applications providing expert analysis and risk assessments
• Experience with securing applications specifically for Cloud hosting environments e.g. AWS
• Knowledge of Containers (Docker and Kubernetes) and deployment of containerized applications/microservices architectures
• Proven ability to perform vulnerability triaging and remediation of identified threats and prioritize remediation
• Possess strong technical understanding of common vulnerabilities and exposures, OWASP and a strong bias towards automation and innovative thinking.
• Excellent written and verbal communication skills with demonstrated ability to communicate with technical and non-technical staff.
• Candidate has one or more certifications (CISSP, CEH, OSCP or similar), or a Degree in Computer Science or Information Security

Autre information

Applicants agree that by providing personal information in response to this ad, and otherwise in any recruitment process with RSA or its affiliated companies (the “Company”) such personal information may be retained and used for a period of one (1) year from the date of this application, for the purpose of consideration for employment opportunities which may arise during that time period, unless an applicant notifies the Company to the contrary.

We thank all applicants. However, only those selected for an interview will be contacted.

We invite you to learn more about us at our Career Site, www.rsagroup.ca, where you can apply on line.

RSA group of Companies is strongly committed to diversity and welcomes applications from visible minority group members, women, Aboriginal persons, and persons with disabilities, members of the LGBT community, and others who may contribute to the further diversification of ideas.

RSA group of Companies will provide reasonable accommodation for qualified individuals with disabilities in the job application process.

If you have difficulty using our online application system and you need an accommodation due to a disability, please email AODA@RSAGROUP.CA or call us at toll free 1 (800)-855-0511. Please note this email is only for accommodation requests. Resumes sent to this email address will not be considered.

Les candidats acceptent ce qui suit : les renseignements personnels transmis en réponse à cette annonce, ou lors de tout autre processus de recrutement de la RSA ou de ses sociétés affiliées peuvent être retenus et utilisés pour une période de un (1) an à compter de la date à laquelle la candidature est soumise. À moins d'un avis contraire donné par les candidats à la RSA, ces renseignements peuvent être utilisés pour d'autres offres d'emploi qui peuvent survenir durant cette période.

Johnson souscrit au principe de l’équité en matière d’emploi. Nous remercions tous les candidats de leur intérêt. Toutefois, nous ne communiquerons qu'avec les candidats retenus pour une entrevue.