Lead, Vulnerability Management

IT - Project Management
Markham, ON
Sep 28, 2020

Our client

One of North America's most recognized and respected brands, voted one of the best companies to work for in Canada, is looking for someone to assist in their continued, large-scale business and technology transformation initiatives.

What’s in it for you?

Stand up a new vulnerability management program and be at the forefront of transformation in a Fortune 500 firm looking to take advantage of IoT, Big Data, Cloud, and Mobile platforms. This is a greenfield opportunity: a chance to build, influence and design, and to make the job your own, in a company that has great people and believers in work/life balance.



  • You will lead and drive the vision for the evolution of the Vulnerability Management Program, and you will be responsible for ensuring continuous vulnerability lifecycle management within the environment.
  • You must form strong partnerships with technical teams and provide strategy and prioritization to control vulnerabilities in the environment in a timely and effective manner. 
  • In addition, you will also be responsible for maintaining, enforcing and improving the Secure Configuration Baseline for all operating systems in use.

Primary Deliverables:

  • Lead and drive the mission and vision for the Vulnerability Management Program within the Cybersecurity Operations team
  • Work with various stakeholders to ensure vulnerabilities are remediated according to SLA and prioritization 
  • Mature vulnerability management reporting and metrics, to drive remediation of vulnerabilities throughout the organization.
  • Analyze vulnerability data to identify trends and areas of opportunity to prioritize remediation
  • Lead the strategy planning, design, development, documentation and implementation of the Vulnerability Management program
  • Experience working with CIS benchmarks, policy compliance and vulnerability scanning tools
  • Experience working with the ServiceNow VM module is an asset
  • Perform as a vulnerability management SME in one or more of the following areas: Microsoft platform (Server, workstation, applications), Open Systems platforms (Linux, UNIX, VMware ESX), Java, Adobe, Web Application, Java web app virtualization platforms (e.g. WebSphere), Networking, Databases (Oracle, SQL Server, DB2, IMS), and others.
  • Have the ability to understand and develop enterprise policy and technical standards with specific regard to vulnerability management and secure configuration.


Skills & Qualifications

  • Industry standard security best practices and vulnerability management processes including compliance reporting.
  • Should also have good knowledge of Windows Server, Linux, etc. and
  • Security certifications (or willingness to get in 1 year) and a degree.
  • Bachelor's and/or Master's Degree or equivalent in Information Security, Engineering, Computer Science, or related field and 7+ years' experience in the information security field.
  • Advanced experience with various perimeter and endpoint security tools.
  • Demonstrate knowledge of IT security best practices including operating systems (Windows, UNIX, and Linux), end-user application, and network security.
  • Demonstrate knowledge of networking concepts and devices (Firewalls, Routers, Switches, Load Balancers, etc.).
  • Knowledge of OWASP top 10, PCI, HIPAA, ISO, NIST, and IT Controls.

