E-mail: ******

Description: We are seeking a Security Vulnerability Manager to lead and manage the vulnerability management practice for all application development across the organization. In this role, you will be a part of the Information Security & Compliance team, ensuring the organization adheres to industry-leading cybersecurity standards, including those outlined by NIST. You will be responsible for identifying, analyzing, and mitigating security vulnerabilities in our applications, aligning with OWASP Top 10 and similar security protocols.

Responsibilities:

Vulnerability Management: Own the entire vulnerability management lifecycle, from identification to remediation, for all application development teams.

Risk Assessment: Conduct regular security assessments and penetration tests to identify vulnerabilities and potential risks.

Security Standards: Ensure all applications meet the organization's cybersecurity standards and comply with frameworks like NIST and OWASP.

Collaboration: Work closely with application development teams to integrate security best practices into the Software Development Life Cycle (SDLC).

Incident Management: Lead incident response efforts for application-related security incidents, working with cross-functional teams to mitigate risks quickly and effectively.

Reporting: Provide regular reports to senior leadership on the status of application security vulnerabilities, remediation efforts, and overall security posture.

Training & Awareness: Develop and deliver security training programs for development teams to foster a security-first mindset.

Continuous Improvement: Continuously enhance the vulnerability management program by adopting new technologies, frameworks, and processes.

Requirements:

Bachelor's degree in Computer Science, Information Security, or a related field.

5+ years of experience in vulnerability management or application security roles.

Deep knowledge of OWASP Top 10, SANS CWE Top 25, and other relevant security protocols and frameworks.

Familiarity with NIST Cybersecurity Framework (CSF).

Experience with security tools such as Burp Suite, Nessus, Qualys, or similar.

Proven experience in secure coding practices and code review.

Strong understanding of application development and the SDLC, with the ability to collaborate effectively with software developers.

Experience in conducting penetration testing and vulnerability assessments.

Strong problem-solving skills and the ability to work in high-pressure situations.

Relevant certifications such as CISSP, CEH, GIAC, or similar are preferred.

Level (Seniority): Senior. PJ. English required.