Attack Surface Management Manager

2 days ago

Apply Now

Receive Emails with Similar Jobs

Experian

WebsiteLinkedInAll Job Openings

Artificial Intelligence • B2B • SaaS

Experian is a global leader in digital experience, technology, and transformation. They partner with recognized brands to enhance customer understanding, innovate product strategies, and implement agile technology solutions. With a focus on delivering superior customer experiences through AI, cloud architecture, and project management, Experian helps businesses streamline their operations and achieve their objectives effectively.

10001 employees

Founded 1996

🤖 Artificial Intelligence

🤝 B2B

☁️ SaaS

📋 Description

• Lead CTEM Service Delivery: Manage processes for the Continuous Threat Exposure Management (CTEM) service and its provider. • Ensure integration with Experian systems, delivering, reliable, and applicable security insights that inform risk reduction across the enterprise. • Business Engagement: You will manage the Business Engagement Team and Service, providing expertise and strategic direction. • Cultivate partnerships with regional infrastructure and application teams to ensure the vulnerability management strategy is understood, agreed upon, and implemented. • Maintain risk stratification model to guide vulnerability prioritization based on threat and asset criticality; Identify vulnerability prioritization and asset coverage trends, escalating to senior leadership when vulnerability trends are not improving over time. • Help with response to cybersecurity incidents or threat informed actions, ensuring accurate identification of applicable internal and external risks. • Guide team members' daily project and operational activities • Contribute to security and technology strategic planning to mature our programmes • Work with Risk & Compliance teams on SOC 2, PCI DSS, HIPAA, and other audits. • Research and recommend policy and procedures as they relate to Attack Surface Management

🎯 Requirements

• Expert experience supporting Attack Surface Management in vulnerability, remediation, and mitigation as it applies to the following. • Common web applications, APIs, misconfigurations, hosts, mobile, Internet of Things, endpoints, infrastructure, cloud, network appliance, OS, firmware and software supply-chain. • Management experience in an enterprise-level cybersecurity function. • Experience engaging and presenting security topics at senior levels in an enterprise organization • Experience managing Risk-Based Vulnerability Management models. • In-depth knowledge of architecture, engineering, and operations of one or more vulnerability management tools, such as: Qualys, Rapid7, Tanium, Axonius, Armis, or other. • Experience applying the following models to an enterprise security program: CMMI, ISO/IEC 2700, OWASP SAMM, NIST, SMM SANS Security Maturity Model. • Experience developing security reports, trends, and metrics analysis. • Experience with the application of some of the following frameworks - SANS, NIST 800-61, CVSS, CIS, OSSTM, ISO 27001, MITRE ATT&CK, PCI, HIPAA, GDPR or similar. • Experience with cloud security practices • Experience with business and technical requirements analysis, business process modeling/mapping, methodology development, and data mapping

🏖️ Benefits

• Great compensation package and discretionary bonus plan • Core benefits include pension, bupa healthcare, sharesave scheme and more • 25 days annual leave with 8 bank holidays and 3 volunteering days. • You can purchase additional annual leave.