Summary

The Senior technical risk management engineer will act as a Technical SME for Risk management team members. And will be responsible of reduction of the overall security vulnerabilities and risks of the on-boarded entities by supervising, guiding, , analyzing, reporting and driving the mitigation actions of security vulnerabilities within the network, endpoint, and infrastructures of the entity in a consistent and expeditious manner. By minimizing the internal and external IT security risks, vulnerability management helps defend against proprietary and entity data loss and reduces the ability for threat actors to carry out malicious activities against the on- boarded entity information systems.

Job Responsibility

• Act as Leader and SME for MOI NSCO Risk and vulnerability management team with the On-boarded entities to minimize the identified vulnerabilities.

• Take responsibility and ownership for identifying and recommending solutions that minimize the risk and vulnerability of the on-boarded entity.

• Provide options and recommendations for ways to achieve the aims of the Risk and vulnerability management program mange the lifecycle through to delivery

• Take a pragmatic, risk based approach to delivering initiatives within the program. Balancing risk reduction, with quick wins and business need.

• Provide guidance regarding technical security best practice to on-boarded entities technical teams including input into the remediation plan requirements and design changes to ensure the best results.

• Understand, assess and effectively communicate security risks associated with identified vulnerabilities

• Escalate identified Critical Vulnerabilities and risks to NCSOC Risk manager

• Contribute to further iterations of developing Entity Risk based reports

• Contribute to further iterations of developing new rules, templates and reports that should enhance the Risk and vulnerability management service offered to the on-boarded entity

• Track and managed the status of Entities technical vulnerabilities until full remediation

• Conduct technical Risk meetings with Entities top management and technical teams