Cyber Vulnerability Analyst

Hybrid Sydney, CBD Office & WFH
- Newly Created Position
- Mix of Greenfield internal and external client projects to support

We're working with a globally recognised financial institution that is looking for a Cyber Vulnerability Analyst, you will be responsible for managing and coordinating local perimeter efforts with the APAC regional program for Vulnerability and Compliance Management.

You will be responsible for supporting Vulnerability and Compliance Management activities, ensuring timely assessment, remediation planning, handling, reporting, and follow-up until closure. You will collaborate with various teams, including APAC IT Production & Security, to ensure efficient vulnerability remediation within strict SLAs. Additionally, you will oversee Infrastructure Vulnerability and Compliance Management operations performed by APAC Production Security, and you will actively contribute to the technical migration to a new platform for vulnerability and compliance scanning and reporting.

**What you will be responsible for**:

- Support Vulnerability and Compliance Management activities, including assessment, remediation plan proposal and handling, reporting, and follow-up until closure.
- Coordinate with APAC IT Production & Security teams to ensure timely remediation of vulnerabilities within the strict SLAs.
- Oversee Infrastructure Vulnerability and Compliance Management operations requested to be performed by APAC Production Security, including scoping, scanning, reporting, and follow-up.
- Partner with global, regional, and local stakeholders to ensure organizational, procedural, and tooling efficiency for Infrastructure Vulnerability & Compliance Management, including asset connectivity, onboarding, and offboarding.
- Report the status of the practice to regional and local stakeholders regularly.
- Ensure 100% coverage of assets into security scanning tools.
- Participate in stand-up calls as part of the APAC Delivery teams.
- Collect and report improvement suggestions related to Vulnerability and Compliance Management practices.
- Provide a local point of contact for teams to communicate best practices, processes, tools, and available capabilities for Vulnerability & Compliance Management.
- Contribute to the organization's compliance with regulatory requirements and internal policies.
- Assist in the technical migration to a new platform for vulnerability and compliance scanning and reporting, troubleshooting when necessary and performing inventory comparisons for complete coverage.
- Contribute to the establishment and maintenance of control frameworks in day‐to‐day business activities, such as Control Plans; participate in Audit interviews and provide the required evidence.

**What you will need to be successful**:

- Minimum of 3+ years of experience as a security professional.
- Strong experience in Vulnerability Management activities, possessing technical knowledge and hands-on experience.
- Proficient knowledge of Vulnerability Management products and their report results (e.g., Qualys, Nexpose, Tanium Comply).
- Thorough understanding of technologies and security concepts.
- Project coordination experience.
- Familiarity with industry standards relating to Vulnerability Management, including Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS).

**Please note to be considered for this position you must have PR or Australian Citizen.**

SCR-reece-richardson-1