The Vulnerability Management Analyst is responsible for managing the end-to-end vulnerability management lifecycle including detection, assessment, monitoring, and coordination of vulnerability treatment.
Phoenix Park Gas Processors Limited
Position Identification
Position Title:
| Vulnerability Management Analyst
|
Department:
| Finance, Technology and Risk |
Status:
| Permanent |
Position reports to:
| Supervisor Technology |
Work coordinated by:
| Team-Lead Infrastructure Services
|
Position supervises:
| None |
Job Summary
TheVulnerability Management Analyst is responsible for managing the end-to-end vulnerability management lifecycle including detection, assessment, monitoring, and coordination of vulnerability treatment with the aim of reducing PPGPL’s cyber vulnerability risk. The Vulnerability Management Analyst works closely with various Technology Teams and internal stakeholders to ensure systems, endpoints and networks are baselined, deployed, and managed with an emphasis on strong, effective security controls and configurations. Reports to Supervisor Technology with day-to-day activities coordinated by Team Lead Infrastructure Services (TLIS). Interfaces with Cybersecurity Lead, Application Support and Users for Testing and Troubleshooting. The position is also required to provide related support to the group of companies, its subsidiaries and new business ventures as required.
Dimensions
A critical service in support of the success of PPGPL’s strategy is ensuring that cybersecurity vulnerabilities that impact PPGPL’s cyber vulnerability risk are remediated in a timely manner and a way that minimizes impacts to productivity and safeguards PPGPL’s Technology Infrastructure and Information Assets. The incumbent is required to analyze and understand PPGPL’s infrastructure, operating environment, technological environment, technology strategy, contribute to the operationalization of PPGPL’s cybersecurity strategy in the context of the effective detection and remediation of cybersecurity vulnerabilities within the technology infrastructure of the organization.
The position operates under general guidance and direction and is expected to be proactive in meeting organizational demands in a manner that constantly adds value to the organization. The position of Vulnerability Management Analyst has a strong business analyst dimension, systems maintenance and support dimension and must evidence a high level of interpersonal skills. He/she must operate within clearly prescribed rules, regulations and Internal controls and is bounded by clear performance expectations. The position operates under general guidance and direction, but is expected to demonstrate leadership, initiative and respond to work demands almost immediately. The incumbent interfaces with all levels of the organization.
Individual’s Safety Responsibility:
It is the responsibility of each employee to protect oneself as well as fellow workers from injury. Work shall be conducted according to established safe practices and procedures. Please refer to PPGPL’s Safety Manual.
Nature & Scope
Risk Assessment: The analyst must analyze the vulnerability scan results to determine the level of risk posed by each vulnerability.
Remediation: The analyst must develop and implement remediation plans to address identified vulnerabilities. Remediations are implemented and guided by PPGPL Technology change management policies and procedures, with an aim to reduce impact to employee productivity and cyber risk.
Communication: The analyst must communicate with various stakeholders including IT teams, business units, end users and management to provide updates on vulnerability management activities such as testing and troubleshooting of issues resulting from remediation activities.
Compliance: The analyst must ensure that all vulnerability management activities are following PPGPL standards and company policies, resulting in systems which comply to established security and configuration baselines.
Reporting: The analyst must prepare regular reports on vulnerability management activities and share them with relevant stakeholders.
Contacts: Internally communicates with all levels of the Organization including senior leaders, middle level management as well as externally with, consultants for project execution, system support, vendor, NGC Group subject matter experts and subsidiary company subject matter experts in the furtherance of building Business Intelligence Solutions.
Decision-Making Authority: The incumbent is expected to be self-directed in responding to internal client requests. Ensuring that activities are in alignment with company policies. The position has no financial approval authority but is responsible for managing the budgets within limits for areas under his/her responsibility.
Physical and Sensory Demands: Moderate sensory demands typical of a technical position, operating within a busy customer focused office environment with constant interruptions and competing.
Duties & Responsibilities
Job Specifications
Minimum Acceptable Academic Qualifications
AND
Minimum Number of Years of Relevant Experience
Specific Skills and Knowledge
Disclaimer
“The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required of personnel so classified.”
View More Vacancies from Phoenix Park Gas Processors Limited