Security and Vulnerability Engineer

Job Description

Security and Vulnerability Engineer (Fixed Term Contract)

What part will you play:
The role of the Security/Vulnerability Engineer is to deliver additional technical and administrative support to the Asia Pacific teams and enable them to implement and comply with the new WarnerMedia security policies.

The candidate must be a strong team player, possess a keen eye for detail, be able to work to tight deadlines, and possess the ability to prioritize and coordinate. They should also have a high level of computer literacy and an understanding of the current security landscape.

Essential job functions:
• Provide expertise in vulnerability management processes and network vulnerability scanning to reduce the potential impact on business
• Configure network scans, schedule network scans to run with bandwidth use in mind, and ensure accurate vulnerability assessment
• Monitor all aggregated security vulnerability data to provide opinion on the security posture of the estate
• Facilitate approval of business operation change requests and administration/policy configuration of all Infrastructure toolsets
• Review and manage Security Events or policies, investigating incidents and managing them through the life cycle up to remediation/resolution and lesson learned phase
• Helping develop/modify the current security/vulnerabilities support service model, identify actions and work plan according to the security gap remediation program
• Coordinate security and patching works among infrastructure teams in the APAC region and consolidates monthly report to keep track of progress
• Work alongside Cybersecurity SMEs to interpret metrics enable their collection and visualization
• Analyzing scan report results, drawing up conclusions and gaining agreement with teams, and carry out remediate actions according to deadlines
• Documenting the as-is and to-be processes and procedures and prepare to file exceptions on a case by case basis according to the guidelines
• Monitoring and reporting progress of agreed work packages, socializing any concerns or gaps that will impact the ability to deliver

Person specification:
Essential
• Solid experience on Infrastructure Security/Vulnerability management role in corporate environments
• Experience to use security tools and comprehend vulnerabilities reports e.g. Qualys, Tenable, BringQA, Sentential One, Alertlogic
• Preferably experience within the media industry across media supply chain operational environments
• Excellent IT skills (Windows and Linux) and preferably exposure to scripting (e.g. Ansible, Python)
• Experience with collaboration solutions such as SharePoint, Microsoft Teams, Slack, OneDrive, DropBox, etc.
• Experience of defining/enforcing security remediation operational arrangements e.g. change process, support matrix, and workflow
• Presenting recommendations to different stakeholders and gaining sign-off by addressing queries from different stakeholders
• Critical thinker and ability to work well under pressure with a tight deadline
• Good verbal and written communication skills, with the ability to communicate technical concepts to non-technical audiences

But wait, there is more!
• Part of the WarnerMedia family of powerhouse brands
• Cool benefits such as Summer Fridays
• More Fun, Less Fear, All In Culture

Jobcode: Reference SBJ-gpkw49-18-224-37-68-42 in your application.