22 Patch Management jobs in Hong Kong
Patch Management Lead
Posted today
Job Viewed
Job Description
- Interface with client Operation Leads on vulnerability reporting and escalation.
- Manage vulnerability performance, resource planning, and service improvements.
- Report monthly progress with metrics and remediation status.
- Prioritize urgent patch deployment based on risk and business criticality.
- Support SCCM operations, including software deployment and patch processes.
- Coordinate mass patch deployment and manage offline device updates.
- Collaborate with cross-functional teams and provide technical guidance.
- Participate in monthly reviews and support emergency patching as needed.
- Bachelor's degree in Computer Science, IT, Engineering, or related field.
- Relevant security certifications (CISSP, CEH, SANS GIAC) preferred.
- 5+ years in vulnerability management or similar security role.
- 3+ years of experience with SCCM administration.
- 2+ years in a leadership role managing patch programs.
- Proficient in vulnerability scanning tools and PowerShell scripting.
- Strong analytical, project management, and communication skills.
- Ability to work under pressure and manage critical incidents.
Vulnerability Management
Posted today
Job Viewed
Job Description
Join a reputable organisation at the forefront of cyber security, offering exposure to advanced technologies and complex environments.
Oversee the continuous scanning of infrastructure for vulnerabilities and ensure configuration compliance across platforms, databases, networks, and voice systems.
- Lead penetration testing activities for both application and infrastructure security, ensuring robust defences against emerging threats.
- Manage the delivery of DevSecOps services by guiding secure development practices and integrating security into operations workflows.
- Directly supervise team members through hiring, training, coaching, setting objectives, and performance management to foster a collaborative and high-performing environment.
- Coordinate with external service providers and product vendors to establish, monitor, and maintain agreed service levels for vulnerability management.
- Provide oversight on the identification and remediation of vulnerabilities, ensuring timely resolution according to established priorities.
- Assess vulnerability intelligence in relation to both internal systems and the broader external threat landscape to inform risk-based decision making.
- Continuously identify gaps in controls or coverage within vulnerability management processes and propose initiatives for service enhancement.
- Develop comprehensive metrics, reports, and service highlights for presentation to business stakeholders and IT leadership.
- Act as the lead during incidents involving actively exploited or critical vulnerabilities by developing response plans and overseeing their implementation.
What you bring:
- A degree in Computer Science, Information Security or a related discipline provides you with a strong academic foundation for this role.
- Twelve years or more of relevant experience in information security roles ensures you bring deep industry knowledge.
- At least five years' hands-on experience specifically within vulnerability management demonstrates your subject matter expertise across multiple disciplines.
- Proven track record in leading teams through hiring, training, coaching, objective setting, and performance management fosters a collaborative work environment.
- Comprehensive understanding of vulnerability management services including operating procedures enables effective oversight of critical functions.
- Exceptional logical thinking skills allow you to analyse different categories of vulnerabilities with precision.
- A customer-focused approach ensures that all services delivered meet high standards of quality and responsiveness.
- Excellent interpersonal skills support effective communication with both technical teams and business stakeholders alike.
- Experience with key technologies such as Vulnerability Assessment tools, DevSecOps methodologies, Penetration Testing frameworks, Secure Code Review processes, Attack Surface Management solutions, and Red Team exercises enhances your technical toolkit.
- Holding industry-recognised certifications such as CISSP or CISM further validates your expertise.
Vulnerability Management
Posted today
Job Viewed
Job Description
Pinpoint Asia is representing one of Hong Kong's most respected and technologically complex institutions. Our client is a leader in its field, investing heavily in building a world-class cyber defense function to protect critical assets and data.
We are looking for a strategic, hands-on leader to take full ownership of their Vulnerability Management and Offensive Security program. This is a high-impact role where you will shape the strategy, lead a specialist team, and act as the ultimate authority on identifying and mitigating security weaknesses across the enterprise.
The Opportunity: What You'll Command
This is not a typical operational role. You will be empowered to build, run, and innovate a comprehensive security program. You will be the central commander for threat and vulnerability management, from integrating security into the development pipeline (DevSecOps) to leading the charge during zero-day incidents.
Your mission is to proactively reduce the organization's attack surface by leading a multi-faceted function that includes:
- Team Leadership: Build, mentor, and lead a high-caliber team of security specialists responsible for scanning, testing, and analysis.
- Strategic Oversight: Own the entire lifecycle for vulnerabilities across infrastructure, applications, databases, and networks.
- Vendor & Service Management: Command relationships with external partners for specialized services like Red Teaming and advanced penetration testing, ensuring top-tier performance and value.
- Incident Command: Act as the designated lead for responding to critical, actively exploited vulnerabilities, orchestrating rapid enterprise-wide remediation efforts.
The Core Mission: Your Key Accountabilities
- Drive a Proactive Security Posture: Evolve and manage a sophisticated program covering continuous vulnerability scanning, configuration compliance, and attack surface management.
- Champion DevSecOps: Spearhead the integration of security into the CI/CD pipeline. Embed automated tools (SAST, DAST, SCA) and secure coding practices to find and fix flaws early in the development process.
- Lead Offensive Security Operations: Oversee all penetration testing (application and infrastructure), secure code reviews, and advanced adversarial simulations (Red Teaming) to rigorously test the organization's defenses.
- Deliver Actionable Intelligence: Develop a robust vulnerability intelligence capability that contextualizes global threats to the firm's specific environment. Prioritize remediation based on genuine business risk, not just raw CVSS scores.
- Communicate with Impact: Develop and present compelling metrics, risk reports, and strategic roadmaps to C-level executives and key business stakeholders, translating complex technical data into clear business impact.
The Ideal Profile
We are looking for a seasoned cybersecurity leader with a "player-coach" mentality. You have deep technical credibility combined with proven management experience.
- Experience: 12+ years in cybersecurity, with at least 5 years in a leadership role focused on Vulnerability Management, Application Security, or Offensive Security.
- Technical Mastery: Deep, practical expertise across the modern security toolkit. You must understand the "how" and "why" behind:
- Vulnerability Management Platforms: Tenable, Qualys, Rapid7, etc.
- DevSecOps & AppSec Tools: SAST, DAST, SCA, IAST integrated into developer workflows.
- Offensive Security Methodologies: Penetration Testing, Red Teaming, MITRE ATT&CK Framework.
- Modern IT Environments: Cloud (AWS/Azure), containerization, and complex enterprise networks.
- Strategic & Analytical Mindset: You can dissect complex vulnerabilities, assess exploitability, and map technical findings to tangible business risks.
- Leadership & Influence: You have a proven ability to manage technical teams and to communicate effectively with stakeholders at all levels, from engineers to executives.
- Credentials: A degree in Computer Science, Information Security, or a related discipline. Industry certifications such as CISSP or CISM are highly desirable.
- If this outstanding opportunity sounds like your next career move, please submit your resume in Word format via the Quick Apply Button.
Vulnerability Management Lead
Posted 14 days ago
Job Viewed
Job Description
Overview
We are seeking a strategic and hands-on Vulnerability Management Lead to lead our client's vulnerability management program. This role is responsible for designing, implementing, and continuously improving our vulnerability identification, assessment, and remediation processes to reduce risk across our enterprise environment.
You will work closely with stakeholders across IT, Security Operations, Governance, Risk & Compliance (GRC), and Application Development to ensure timely and effective remediation of vulnerabilities, while also establishing metrics, governance frameworks, and reporting mechanisms to track risk reduction and program effectiveness.
We would be open to relocating candidates to Hong Kong for this role.
Responsibilities- Lead the end-to-end vulnerability management lifecycle, including identification, prioritization, remediation, and reporting of vulnerabilities across infrastructure, applications, cloud, and endpoint environments.
- Define and implement vulnerability management strategy and roadmap, aligning with overall cybersecurity goals and risk posture.
- Develop and maintain governance frameworks, including policies, standards, and procedures related to vulnerability scanning, assessment, and remediation.
- Coordinate vulnerability scanning and threat intelligence tools (e.g., Qualys, Tenable, Rapid7, etc.) to ensure accurate and timely detection.
- Establish strong collaboration with Infrastructure, DevOps, Cloud, and Application Security teams to drive timely and risk-based remediation of vulnerabilities.
- Report on vulnerability management metrics, trends, and risk indicators to senior leadership and stakeholders, including compliance with internal SLAs and regulatory obligations.
- Stay current with emerging threats, vulnerabilities, and industry best practices to evolve the program proactively.
- Lead or participate in vulnerability-related incident response efforts, root cause analysis, and lessons learned.
- Oversee vulnerability assessments and penetration testing activities, whether internally executed or via third-party vendors.
- Engage with auditors and regulators as needed to demonstrate controls and effectiveness of the vulnerability management program.
- Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or related field.
- 10+ years of experience in information security, with at least 5 years in vulnerability management with recent leadership experience.
- Proven experience building and scaling vulnerability management programs in a complex enterprise.
- Strong understanding of risk-based vulnerability prioritization, CVSS scoring, threat intelligence integration, and exploitability context.
- Hands-on experience with common tools: Qualys, Tenable, Rapid7, Nexpose, Burp Suite, etc.
- Familiarity with frameworks and standards such as NIST, CIS Controls, ISO 27001, and relevant regulatory requirements.
If you're interested to apply or find out more, please share your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.
Reg: R
Lic: 16S8060
Seniority level- Full-time
- Information Technology
- Information Services
Referrals increase your chances of interviewing at Kerry Consulting by 2x
Get notified about new Security Professional jobs in Hong Kong, Hong Kong SAR .
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrVulnerability Management Lead
Posted 4 days ago
Job Viewed
Job Description
We are seeking a strategic and hands-on Vulnerability Management Lead to lead our client's vulnerability management program. This role is responsible for designing, implementing, and continuously improving our vulnerability identification, assessment, and remediation processes to reduce risk across our enterprise environment.
You will work closely with stakeholders across IT, Security Operations, Governance, Risk & Compliance (GRC), and Application Development to ensure timely and effective remediation of vulnerabilities, while also establishing metrics, governance frameworks, and reporting mechanisms to track risk reduction and program effectiveness.
We would be open to relocating candidates to Hong Kong for this role.
Responsibilities- Lead the end-to-end vulnerability management lifecycle, including identification, prioritization, remediation, and reporting of vulnerabilities across infrastructure, applications, cloud, and endpoint environments.
- Define and implement vulnerability management strategy and roadmap, aligning with overall cybersecurity goals and risk posture.
- Develop and maintain governance frameworks, including policies, standards, and procedures related to vulnerability scanning, assessment, and remediation.
- Coordinate vulnerability scanning and threat intelligence tools (e.g., Qualys, Tenable, Rapid7, etc.) to ensure accurate and timely detection.
- Establish strong collaboration with Infrastructure, DevOps, Cloud, and Application Security teams to drive timely and risk-based remediation of vulnerabilities.
- Report on vulnerability management metrics, trends, and risk indicators to senior leadership and stakeholders, including compliance with internal SLAs and regulatory obligations.
- Stay current with emerging threats, vulnerabilities, and industry best practices to evolve the program proactively.
- Lead or participate in vulnerability-related incident response efforts, root cause analysis, and lessons learned.
- Oversee vulnerability assessments and penetration testing activities, whether internally executed or via third-party vendors.
- Engage with auditors and regulators as needed to demonstrate controls and effectiveness of the vulnerability management program.
- Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or related field.
- 10+ years of experience in information security, with at least 5 years in vulnerability management with recent leadership experience.
- Proven experience building and scaling vulnerability management programs in a complex enterprise.
- Strong understanding of risk-based vulnerability prioritization, CVSS scoring, threat intelligence integration, and exploitability context.
- Hands-on experience with common tools: Qualys, Tenable, Rapid7, Nexpose, Burp Suite, etc.
- Familiarity with frameworks and standards such as NIST, CIS Controls, ISO 27001, and relevant regulatory requirements.
If you're interested to apply or find out more, please share your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.
Reg: R
Lic: 16S8060
Seniority level- Full-time
- Information Technology
- Information Services
Referrals increase your chances of interviewing at Kerry Consulting by 2x
Get notified about new Security Professional jobs in Hong Kong, Hong Kong SAR .
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrVulnerability Management & Offensive Security Lead
Posted 8 days ago
Job Viewed
Job Description
Vulnerability Management & Offensive Security Lead
Pinpoint Asia is representing one of Hong Kong's most respected and technologically complex institutions. Our client is a leader in its field, investing heavily in building a world-class cyber defense function to protect critical assets and data.
We are looking for a strategic, hands-on leader to take full ownership of their Vulnerability Management and Offensive Security program. This is a high-impact role where you will shape the strategy, lead a specialist team, and act as the ultimate authority on identifying and mitigating security weaknesses across the enterprise.
The Opportunity: What You'll CommandThis is not a typical operational role. You will be empowered to build, run, and innovate a comprehensive security program. You will be the central commander for threat and vulnerability management, from integrating security into the development pipeline (DevSecOps) to leading the charge during zero-day incidents.
Your mission is to proactively reduce the organization's attack surface by leading a multi-faceted function that includes:
- Team Leadership: Build, mentor, and lead a high-caliber team of security specialists responsible for scanning, testing, and analysis.
- Strategic Oversight: Own the entire lifecycle for vulnerabilities across infrastructure, applications, databases, and networks.
- Vendor & Service Management: Command relationships with external partners for specialized services like Red Teaming and advanced penetration testing, ensuring top-tier performance and value.
- Incident Command: Act as the designated lead for responding to critical, actively exploited vulnerabilities, orchestrating rapid enterprise-wide remediation efforts.
- Drive a Proactive Security Posture: Evolve and manage a sophisticated program covering continuous vulnerability scanning, configuration compliance, and attack surface management.
- Champion DevSecOps: Spearhead the integration of security into the CI/CD pipeline. Embed automated tools (SAST, DAST, SCA) and secure coding practices to find and fix flaws early in the development process.
- Lead Offensive Security Operations: Oversee all penetration testing (application and infrastructure), secure code reviews, and advanced adversarial simulations (Red Teaming) to rigorously test the organization's defenses.
- Deliver Actionable Intelligence: Develop a robust vulnerability intelligence capability that contextualizes global threats to the firm’s specific environment. Prioritize remediation based on genuine business risk, not just raw CVSS scores.
- Communicate with Impact: Develop and present compelling metrics, risk reports, and strategic roadmaps to C-level executives and key business stakeholders, translating complex technical data into clear business impact.
We are looking for a seasoned cybersecurity leader with a "player-coach" mentality. You have deep technical credibility combined with proven management experience.
- Experience: 12+ years in cybersecurity, with at least 5 years in a leadership role focused on Vulnerability Management, Application Security, or Offensive Security.
- Technical Mastery: Deep, practical expertise across the modern security toolkit. You must understand the "how" and "why" behind:
- DevSecOps & AppSec Tools: SAST, DAST, SCA, IAST integrated into developer workflows.
- Offensive Security Methodologies: Penetration Testing, Red Teaming, MITRE ATT&CK Framework.
- Modern IT Environments: Cloud (AWS/Azure), containerization, and complex enterprise networks.
- Strategic & Analytical Mindset: You can dissect complex vulnerabilities, assess exploitability, and map technical findings to tangible business risks.
- Leadership & Influence: You have a proven ability to manage technical teams and to communicate effectively with stakeholders at all levels, from engineers to executives.
- Credentials: A degree in Computer Science, Information Security, or a related discipline. Industry certifications such as CISSP or CISM are highly desirable.
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology and Management
- Industries: Information Services
We’re not including extraneous job postings or site notices here. This description focuses on the role and qualifications for the Vulnerability Management & Offensive Security Lead.
#J-18808-LjbffrInfrastructure Vulnerability Management Project Coordinator
Posted today
Job Viewed
Job Description
Our client is a large scales MNC banking, they are looking for an Infrastructure Vulnerability Management Project Coordinator to join their team.
RESPONSIBILITIES
- Co-ordinate with the regional stream of the global vulnerability and compliance management project
- Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
- Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
- Partner with & manage local stakeholders to ensure organizational and procedural efficiency
- Oversee & support the Business IT departments' remediation activities governance
- Assess, report and address the security risks arising from vulnerabilities & compliance deviations
- Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
- Report regularly to global, regional & local stakeholders including C-level status of the project
- Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
- Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
- Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead
REQUIREMENTS:
- Bachelor's degree in Computer Science, Information Systems, or related field
- 5+ years of experience in IT security with a focus on vulnerability and compliance management
- 3+ years of experience in a leadership or management role
- Proven experience on Vulnerability Management activities in Financial Institution environment;
- Technical knowledge and hands on experience with vulnerability management products
- Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
- Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)
- Deep understanding of vulnerability assessment and remediation methodologies
- Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
- Proficient in infrastructure security best practices, technologies and security concepts
- Program and project management expertise, capacity to lead hybrid project methodologies
- Advanced skills on MS PowerPoint
- Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc
Interested parties, please send CV to , For any further discussion.
Please note that only short listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes.
Be The First To Know
About the latest Patch management Jobs in Hong Kong !
Infrastructure Vulnerability Management Project Coordinator
Posted today
Job Viewed
Job Description
Job Title - Infrastructure Vulnerability Management Project Co Ordinator
Direct responsibilities:
Co-ordinate with the regional stream of the global vulnerability and compliance management project
Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
Partner with & manage local stakeholders to ensure organizational and procedural efficiency
Oversee & support the Business IT departments' remediation activities governance
Assess, report and address the security risks arising from vulnerabilities & compliance deviations
Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
Report regularly to global, regional & local stakeholders including C-level status of the project
Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead
Contributing Responsibilities:
Develop and maintain relationships with all projects stakeholders, including local, regional and global IT teams, business IT teams, Security Risk Management teams and C-level
Improve the efficiency of global procedures for Vulnerability & Compliance management
Contribute to the Bank compliance with regulatory requirements and internal policies
Provide guidance and support for IT infrastructure projects related to vulnerability management
Contribute to the control frameworks in day‐to‐day business activities, such as Control Plans, Participation in Audit interview and preparation and delivery of requested evidences
Participate in daily stand-up and other Scrum rituals for the IVM tools supporting the activities
Provide and consolidate BAU and Project KPI progress for the IVM APAC SteerCo
Review and assist in Visualization reports evolutions to support IVM-related remediations effort in APAC
Technical & Behavioral Competencies
Technical
Deep understanding of vulnerability assessment and remediation methodologies
Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
Proficient in infrastructure security best practices, technologies and security concepts
Program and project management expertise, capacity to lead hybrid project methodologies
Advanced skills on MS PowerPoint Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc.
Behavioral
Excellent interpersonal and communication skills; ability to influence and motivate
Strong leadership and project management skills
Strong teamwork and collaboration skills
Successful people management experience
Strong problem-solving and analytical skills
Specific Qualifications (if required)
Bachelor's degree in Computer Science, Information Systems, or related field
5+ years of experience in IT security with a focus on vulnerability and compliance management
3+ years of experience in a leadership or management role
Proven experience on Vulnerability Management activities in Financial Institution environment;
Technical knowledge and hands on experience with vulnerability management products
Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)
Interested candidates may apply to this job post.
All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.
Full-time
Infrastructure Vulnerability Management Project Coordinator
Posted today
Job Viewed
Job Description
Our client is a large scales MNC banking, they are looking for an Infrastructure Vulnerability Management Project Coordinator to join their team.
RESPONSIBILITIES
- Co-ordinate with the regional stream of the global vulnerability and compliance management project
- Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
- Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
- Partner with & manage local stakeholders to ensure organizational and procedural efficiency
- Oversee & support the Business IT departments' remediation activities governance
- Assess, report and address the security risks arising from vulnerabilities & compliance deviations
- Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
- Report regularly to global, regional & local stakeholders including C-level status of the project
- Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
- Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
- Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead
REQUIREMENTS:
- Bachelor's degree in Computer Science, Information Systems, or related field
- 5+ years of experience in IT security with a focus on vulnerability and compliance management
- 3+ years of experience in a leadership or management role
- Proven experience on Vulnerability Management activities in Financial Institution environment;
- Technical knowledge and hands on experience with vulnerability management products
- Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
- Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)
- Deep understanding of vulnerability assessment and remediation methodologies
- Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
- Proficient in infrastructure security best practices, technologies and security concepts
- Program and project management expertise, capacity to lead hybrid project methodologies
- Advanced skills on MS PowerPoint
- Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc
Please note that only short listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes
Infrastructure Vulnerability Management Project Coordinator
Posted today
Job Viewed
Job Description
Job Title- Infrastructure Vulnerability Management Project Co Ordinator
Direct responsibilities:
- Co-ordinate with the regional stream of the global vulnerability and compliance management project
- Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
- Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
- Partner with & manage local stakeholders to ensure organizational and procedural efficiency
- Oversee & support the Business IT departments' remediation activities governance
- Assess, report and address the security risks arising from vulnerabilities & compliance deviations
- Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
- Report regularly to global, regional & local stakeholders including C-level status of the project
- Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
- Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
- Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead
Contributing Responsibilities:
- Develop and maintain relationships with all projects stakeholders, including local, regional and global IT teams, business IT teams, Security Risk Management teams and C-level
- Improve the efficiency of global procedures for Vulnerability & Compliance management
- Contribute to the Bank compliance with regulatory requirements and internal policies
- Provide guidance and support for IT infrastructure projects related to vulnerability management
- Contribute to the control frameworks in day‐to‐day business activities, such as Control Plans, Participation in Audit interview and preparation and delivery of requested evidences
- Participate in daily stand-up and other Scrum rituals for the IVM tools supporting the activities
- Provide and consolidate BAU and Project KPI progress for the IVM APAC SteerCo
- Review and assist in Visualization reports evolutions to support IVM-related remediations effort in APAC
Technical & Behavioral Competencies
Technical
- Deep understanding of vulnerability assessment and remediation methodologies
- Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
- Proficient in infrastructure security best practices, technologies and security concepts
- Program and project management expertise, capacity to lead hybrid project methodologies
- Advanced skills on MS PowerPoint Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc.
Behavioral
- Excellent interpersonal and communication skills; ability to influence and motivate
- Strong leadership and project management skills
- Strong teamwork and collaboration skills
- Successful people management experience
- Strong problem-solving and analytical skills
Specific Qualifications (if required)
- Bachelor's degree in Computer Science, Information Systems, or related field
- 5+ years of experience in IT security with a focus on vulnerability and compliance management
- 3+ years of experience in a leadership or management role
- Proven experience on Vulnerability Management activities in Financial Institution environment;
- Technical knowledge and hands on experience with vulnerability management products
- Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
- Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)
Interested candidates may apply to this job post.