Cyber Security Vulnerability Specialist
Job Description:
- Steer the VEP (Vulnerability Emergency Process) for all AHG, including Customer centers in the frame of the SoW, including the improvements proposal and coordination. Also inside the same SoW, support to the other Work Packages will be needed, what includes pentesting support and POC (proof of concept) on new tools or threats.
A.Main activities
- Steer VEP Process, ensuring that a correct follow-up is done for all AHG entities part of it.
- Perform security technical analisys such as pentest and risk assestments fior new and existing solutions.
- Help in the automatization of EIIS, managing Ansible and other IT related tools, such as containers or specific security tools.
- Support the AHE IM Security Team in all the related tasks to the SoW
- B.Most critical problems that arises regularly
- Keep informed and track all security threats that area applicable to AHG, coming from several sources.
- Assess the real impact of the new threats, either by checking the inventories applicable or by testing POC released to the general public.
- Act as focal point for VEP process, ensuring that all is properly recorded and steered.
- C.More important decisions
- Decide which threats must be registered and tracked, requiring escalation when needed.
- Keep a trusted source of Information Security alerts, adding and removing from it based on the experience gain during the service.
- Propose new tools that could help to achieve the objectives.
- D.Outputs
- Tickets created in VEP and SEM systems
- Monthly KPI calculated for all the Work Packages that are part of the SoW, as required.
- System documentation, user guidelines and trainings.
- Minutes of meetings for all the steering done with AHG.
- Applicability reports based on tests and POCs for the agreed threats.
- E.Key Competences
- Familiar with IM Security practices, especially with vulnerabilities and Zero Days.
- IT Security mindset, familiar with best practices and implementing security guidelines
- Pentesting competencias proven through certificates and / or CTF
- English, medium level (understanding technical documentation, speaking with other AG colleagues, steering meetings)
- Computer Engineering or other technical related education desired with cybersecurity Specialization.
- Young enginnering, at least ine year of experience, or entry level with specialization in Cyber.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Companys success, reputation and sustainable growth.
Ciberseguridad, Pentesting