{{ flashMessage.message }} {{ flashMessage.linkText }} {{ flashMessage.linkText }} {{ flashMessage.linkText }}

Vulnerability Management Specialist

PricewaterhouseCoopers

Amman, Jordan

PricewaterhouseCoopers careers & jobs

Posted
Ref: HP639-4596

Apply Now

Job description / Role

Employment: Full Time

Line of Service
Internal Firm Services

Industry/Sector
Not Applicable

Specialism
IFS - Information Technology (IT)

Management Level
Senior Associate

Job Description & Summary
A career in Information Technology, within Internal Firm Services, will provide you with the opportunity to support our core business functions by deploying applications that enable our people to work more efficiently and deliver the highest levels of service to our clients. You'll focus on managing the design and implementation of technology infrastructure within PwC, developing and enhancing both client and internal facing applications within PwC, and providing technology tools that help create a competitive advantage for the Firm to drive strategic business growth.

Our Operations Support team monitors the overall quality of our service. As a part of the team, you'll be the primary contact for ensuring the quality of our services is maintained while also considering better ways to provide the same service in a more cost efficient manner and keeping customer satisfaction with our services high.

• As a Vulnerability Management Specialist, you will play a critical role in safeguarding our firm's information systems by conducting comprehensive vulnerability assessments, identifying and prioritizing security weaknesses, and collaborating with various teams and departments to develop and implement effective mitigation strategies.
• You will be instrumental in enhancing our cybersecurity posture through meticulous analysis, strategic planning, and continuous improvement practices.
• Vulnerability Assessment & Monitoring: Conduct regular and thorough vulnerability assessments on endpoints and servers, primarily utilizing the Tenable platform. Continuously monitor the Tenable platform for new and evolving vulnerabilities, ensuring timely identification and response.
• Vulnerability Analysis & Prioritization: Identify vulnerabilities in the system and prioritize them based on their severity, impact, and potential risks to the firm.
• Categorize vulnerabilities considering various factors like exploitability, asset criticality, and potential business impact. Collaboration & Coordination: Work closely with the Middle East Network Information Security (NIS) team to ensure alignment on vulnerability management priorities.
• Collaborate with the global End User Device Management (EUDM), Local Tech Majlis, application owners, system administrators, and other relevant teams to develop and implement effective mitigation strategies. Engage with counterparts in the United Kingdom to leverage lessons learned and incorporate best practices into the vulnerability management process.
• Reporting & Communication: Analyze data from the Tenable platform and other sources to provide detailed, actionable reports to relevant stakeholders.
• Communicate effectively with technical and non-technical stakeholders to ensure a clear understanding of vulnerabilities, impacts, and remediation strategies.
• Remediation Tracking & Management: Work with stakeholders to prioritize and track the progress of vulnerability remediation efforts. Ensure that remediation activities are conducted within agreed timeframes and compliance requirements.
• Continuous Improvement: Regularly review and update vulnerability management policies and procedures to reflect changing threats and firm needs.
• Stay abreast of the latest cybersecurity trends, tools, and best practices to continuously enhance the vulnerability management program.

Requirements

Required Skills
• Level 2: Cybersecurity Analysis Description: Demonstrates in-depth knowledge of cybersecurity threats and vulnerabilities, employing advanced analytical skills to assess and prioritize risks.
• Expectations: Conducts thorough vulnerability assessments using industry-standard tools and methodologies.
• Accurately identifies and classifies vulnerabilities based on severity and potential impact.
• Regularly updates and refines vulnerability assessment criteria to align with evolving cybersecurity threats.
• Level 2: Vulnerability Management Description: Develops and implements strategic plans for vulnerability management, including prevention, mitigation, and response strategies.
• Expectations: Designs and executes vulnerability management programs that align with organizational security policies.
• Collaborates with IT and security teams to ensure comprehensive coverage of all systems and applications.
• Monitors and reports on the effectiveness of vulnerability management strategies, suggesting improvements as needed.
• Level 2: Technical Proficiency Description: Exhibits expertise in utilizing a range of cybersecurity tools and practices, maintaining up-to-date knowledge of technological advancements.
• Expectations: Demonstrates proficiency in using advanced security tools for network scanning, penetration testing, and threat analysis.
• Keeps abreast of new security technologies and integrates them into existing vulnerability management practices.
• Trains and mentors junior team members in the use of cybersecurity tools and techniques.
• Level 2: Communication Description: Effectively communicates complex cybersecurity concepts to diverse audiences, ensuring clarity in both written and verbal forms.
• Expectations: Articulates technical details clearly to non-technical stakeholders, facilitating informed decision-making.
• Develops comprehensive reports and presentations on vulnerability findings and remediation strategies.
• Actively participates in cross-departmental meetings, providing expert insights into cybersecurity issues.
• Level 2: Collaboration Description: Fosters a collaborative environment, working effectively with cross-functional teams to enhance overall cybersecurity posture.
• Expectations: Engages in proactive knowledge sharing and collaboration with IT, network, and security teams.
• Participates in joint initiatives to develop and refine organizational cybersecurity strategies.
• Supports team members in resolving complex security challenges, fostering a cooperative work environment.
• Level 2: Continuous Learning Description: Committed to continuous professional development, staying abreast of the latest cybersecurity trends and best practices.
• Expectations: Actively seeks out and engages in professional development opportunities, such as certifications and trainings.
• Regularly contributes to internal knowledge bases with latest findings and learnings in cybersecurity.
• Applies new knowledge and skills to enhance the effectiveness of vulnerability management processes.
• Level 2: Customer Focus Description: Aligns cybersecurity efforts with client needs and expectations, delivering tailored solutions that enhance client trust and satisfaction.
• Expectations: Conducts regular client consultations to understand unique security needs and adapt strategies accordingly.
• Develops and maintains strong client relationships, ensuring transparent communication and feedback loops.
• Customizes cybersecurity solutions to address specific client concerns and regulatory requirements.

Required Language Skills:

• Fluent in English Minimum Education and Qualification(s) Bachelor's degree in Computer Science, Information Security, or a related field or relevant experience.
• Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are highly desirable.
• Proven experience in vulnerability management, cybersecurity, or a related field. Strong knowledge of security frameworks, risk management, and vulnerability assessment tools.
• Excellent analytical, problem-solving, and communication skills.
• Required Years of Experience 3-5 years in mid-level positions in cybersecurity, network security or IT risk management, Desktop support, End user computing

About the Company

At PwC Middle East, we've set out an ambitious purpose and strive to live it everyday: to solve important problems and build trust in society.

We're a community of solvers that come together in unexpected ways to build trust and create sustained outcomes. We solve important problems, support one another as we grow, develop and build fulfilling careers.

PwC provides industry-focused services for public and private clients across Assurance and Audit, Deals, Consulting, Tax and Legal. We draw on our development legacy that brings together the collective experience of over 7,000 people in our region with offices across 12 countries to solve for tomorrow.

We're striving to consistently deliver innovative work that builds trust and delivers sustained outcomes. And we're proud of the strength that comes from all our different backgrounds and experiences and we value everyone's uniqueness. We thrive in uncertainty, operate with integrity and leverage the diverse perspectives of our teams.

If you're looking for a place that fuels your ambition to make a difference, that matches your curiosity with continuous learning opportunities and reimagines ways of working to enable you to lead a more balanced life, then you're a future PwCer.

Apply Now
Explore PricewaterhouseCoopers careers
Advertise Here
Job Search Support
Get a Free CV Review
Get a professional CV
Find Top Talent
Explore Our CV Database Post a Job Now
Job Alerts by Email
  • Personalised updates on latest career opportunities
  • Insights on hiring and employment activity in your industry
  • Typically sent twice a month
Sign up for job alerts

Other Services

Gulf Labour Laws
Public Holidays
Courses
Employment News
  • © GulfTalent 2024. All Rights Reserved.