Senior Information Security Vulnerability Analyst - Lisboa, Portugal - Novasyte

Novasyte

Empresa verificada

Lisboa, Portugal

há 1 dia

Postado por:

João Santos

Recrutador de beBee

Descrição

Location:
Portugal

Work model:
Hybrid (1 day per week in the office)

This is one of a key cybersecurity role within the global Information Security organization.

The individual fulfilling this Senior Vulnerability Analyst role will partner closely with IT professionals both within the core CIO organization and those in the Global Business Units performing assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.

RESPONSIBILITIES

Delivering on a portfolio of tasks as part of Vulnerability Management Service
Conducting comprehensive vulnerability assessment and continuous monitoring across IQVIA
Support the business lead vulnerability remediation activities
Maintain an oversight of existing vulnerabilities in the IQVIA estate
Develop and maintain a solid understanding of the IQVIA Integrated Information Security Framework and industry best practice and frameworks
Develop and document operational procedures and metrics in relation to carried out activities
Utilize information security technical safeguards and associated procedures, analyzing output and producing relevant management information reports for further improvements in the security safeguards landscape, including vulnerability assessment, threat intelligence and patching
Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions
Collaborate with the business, CIO teams and CAPA management to ensure that control deficiencies are registered and remediated
Reporting regularly to management on the status of assigned activities including issues, risks and remediation actions.
All responsibilities are essential job functions unless noted as nonessential (N)._

REQUIRED KNOWLEDGE, SKILLS AND ABILITIES

Generic knowledge of how Internet works (protocols, services, ports, connections, devices, ISO/OSI layers
Knowledge of industry tools for security scanning and vulnerability management solutions (Qualys, Tenable Nessus or Nexpose)
Working knowledge of cybersecurity principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
Knowledge of IT processes (SDLC, ITIL) in regulated environments
Experience in Cyber Security, Vulnerability Management and/or security testing
Excellent written and verbal communication skills
Effective organization and time management skills
Ability to write with purpose, clarity and accuracy
Ability to work both within a team environment and independently to initiate and prioritize tasks
Ability to establish and maintain effective working relationships with coworkers and management in a global environment.
Knowhow of scripting languages is a plus
Experience in ServiceNow is a plus

MINIMUM REQUIRED EDUCATION AND EXPERIENCE

An ITIL or project management certificates are not required but beneficial.
A relevant qualification: CompTIA Security, CASP+, CEH, GIAC (GSEC, GCED etc.), SSCP or similar is a plus

IQVIA is a leading global provider of advanced analytics, technology solutions and clinical research services to the life sciences industry.

We believe in pushing the boundaries of human science and data science to make the biggest impact possible - to help our customers create a healthier world.

Learn more at