Primary Duties and
Provideprimary day-to-day contact between ATN International and the Managed SecurityServices Provider, as well as provide the initial point of escalation for vulnerabilitymanagement issues.
Leadvulnerability management testing activities, including scheduling, resources,tool execution, and reporting.
Developreports using data that is hosted in multiple sources (e.g. spreadsheets,databases) and communicate clearly to management and other team members.
Lead workstreams on vulnerability management processrelated to infrastructure vulnerability scanning, reviewing and prioritizingresults, and remediation and/or coordinating the remediation of assessment results.
Work jointly with the ManagedSecurity Services Provider, as well as other ATN International teams to clearlydefine the scope of testing and the related rules of engagement.
Assist with applicationsecurity penetration testing activities, including scheduling, resources, toolexecution, and reporting.
Independently design,recommend, plan, develop and support implementation of project-specificsecurity solutions to meet tactical, and control requirements.
Develop reports using datathat is hosted in multiple sources (e.g. spreadsheets, databases) andcommunicate clearly to management and other team members.
Identify potential securityexposures that may currently exist or may pose a potential future threat to ATNInternational infrastructure and applications. Ensure management is notifiedwhen these exposures are identified, as well as a proposed solution forremediation.
Qualifications Minimum Requirements:
Bachelor's degree and 5 yearsof experience in information security or an equivalent combination of educationand work experience.
Experience with IT ServiceManagement (ITSM) tools, workflow, and automation
Experience working in anenvironment with an outsourced Managed Security Service
Experiencewith Qualys Vulnerability Management suite of applications
Ability to interpret internaland external business challenges and implement best practices to improveproducts, processes, or services.
Ability to exercise judgmentin solving technical, operational, and organizational challenges in the contextof business objectives and priorities.
Ability to influence othersto adopt a new perspective and handle interpersonal issues with tact anddiplomacy.
Ability to lead projects ofmoderate complexity and risk exposure.
Excellent written andcommunication skills
Certifications in CISSP, CISA,CEH and CISM.
Telecom services experience.
5 or more years of experiencewithin a Cybersecurity program like Patch & Vulnerability Management, CyberThreat Intelligence, Incident Response, or Computer Forensics
5 or more years ofcombined experience working with Microsoft Windows servers , Mac and Windowsendpoints, Linux & Unix servers, virtual infrastructure (e.g. ESXi), andnetwork assets (e.g. routers, switches, firewalls, load balancers, etc.)
At least one year ormore experience with Public Cloud services (e.g. IaaS, CaaS, PaaS, SaaS)
At least one year ormore experience with Cybersecurity framework like NIST, COBIT, ISA, and ISO
At least one year ormore experience with PCI-DSS 3.x standards
Exposure to patching systems like SCCM, OMS, BigFix, JAMF,AirWatch, and GFI LanGuard