Job Description
Lead resilience assessments for multiple IBS applications frontoffice and backoffice ensuring alignment with operational resilience standards
Review architecture documents and application artefacts leveraging data from platforms
Prefill vulnerability questionnaires identify issues or questions and facilitate workshops with ITSO to address findings
Analyse metrics and data eg incident logs to identify resilience issues vulnerabilities and areas for improvement
Ensure timely signoff of assessments by all relevant stakeholders
Consolidate findings into comprehensive reports providing actionable recommendations to help the business prioritise remediation actions
Raise identified vulnerabilities as required
Contribute to executive summaries for IBS and participate in presentations to stakeholders
Vulnerability Management
Manage the endtoend vulnerability lifecycle including creation approval tolerance assessment progress tracking reporting remediation closure governance closure pack preparation approval QA and closure
Conduct control reviews outside of standard vulnerability assessments raising vulnerabilities as needed
Collaborate with IT Service Owners to address identified gaps gathering information on risk impact severity mitigation and remediation plans
Work with Service Sustainability Leads and IT Service Owners to collect details on Evergreening items
Ensure Impact Assessments are completed for all raised vulnerabilities and update Vulnerability Severity records accordingly
Support other Lines of Business with tolerance assessments linked to MSSowned applications and vulnerabilities
Analyse weekly vulnerability reports to identify new vulnerabilities impacting MSS Important Business Services and drive them through the tolerance assessment process
Ensure remediation actions are reflected in golden source systems
Prepare closure packs with supporting evidence
Prepare Risk and Control Management Meeting packs or equivalent reports for various stakeholders
Represent the team in governance forums as a delegate when required
Provide inputs and collaborate with stakeholders to prepare consolidated CIB reports
Participate in vulnerability portal feature testing provide feedback and contribute requirements for the product backlog
Attend and actively contribute to daily and weekly meetings related to Ops Resilience and Vulnerability Management collaborating with lines of business and other stakeholders
Qualifications Experience
Bachelors degree in Information Technology Computer Science or related field or equivalent experience
Proven experience in operational resilience risk management or vulnerability management within a large financial institution
Strong understanding of resilience frameworks vulnerability lifecycle management and regulatory requirements
Excellent analytical communication and stakeholder management skills
Ability to work collaboratively across teams and drive crossfunctional initiatives
Key Capabilities
Strong problemsolving and analytical skills
Effective communicator with the ability to present complex findings to technical and nontechnical stakeholders
High attention to detail and commitment to quality
Proactive selfmotivated and able to manage multiple priorities in a fastpaced environment
Skills
Mandatory Skills : Infra Vulnerability Management - Qualys
Good to Have Skills : Infra Vulnerability Management - Tenable IO, Infra Vulnerability Management - Tenable Nessus, SC, CS, Infra Vulnerability management/Triaging/ Remdiation Advisory / ServiceNow /ITSM /CMDB