Organizational Context:
Our client is a leading education company maturing their security environment with brand new security roles.The Cyber Threat Intelligence and Vulnerability Management Lead will join the Information Security team within the Technology division. This team is responsible for ensuring the confidentiality, integrity, and availability of our client’s information assets, and for providing a secure computing environment. The Lead will report to the Information Security Manager and work closely with other teams within Technology, business stakeholders, and external partners.Position Purpose:The Cyber Threat Intelligence and Vulnerability Management Lead will design, implement, and manage a sustainable threat and vulnerability management practice. This Lead will collaborate with a team of highly motivated cybersecurity practitioners to develop and maintain threat intelligence and vulnerability management capabilities that support our client’s information security program. The Lead will also work with internal and external stakeholders, including threat intelligence partners, vendors, and business partners, to design and implement strategies to mitigate cyber risks and vulnerabilities.Key Responsibilities:
- Develop and maintain the threat intelligence and vulnerability management program to identify and prioritize potential threats to the company's information assets.
- Lead a team of cyber threat analysts and vulnerability management specialists to ensure vulnerabilities are identified, tracked, and remediated in a timely manner.
- Develop and maintain relationships with external threat intelligence partners and vendors to stay current on emerging cyber threats and vulnerabilities.
- Lead the development and operationalization of critical infrastructure and insider threat intelligence practices.
- Provide regular briefings to senior leadership and business partners on the evolving threat landscape and organizational vulnerabilities.
- Develop and report intelligence analysis findings to incident response teams, senior leadership, and external partners.
- Own and manage relationships with external threat intelligence partners and vendors, promoting intelligence sharing practices.
- Provide expert advice to help prepare and update the vulnerability management roadmap and develop, maintain, and publish project plans and operation schedules.
- Lead research, data analysis, and management in relation to threat intelligence and vulnerability management metrics, key risk indicators, trends, and compliance.
- Other duties as directed from time to time.
Key Requirements:
- Substantial knowledge and experience in information technology, cybersecurity, and vulnerability management principles, practices, relevant standards, and legislation.
- Advanced knowledge and experience with threat intelligence platforms such as MISP, PaloAlto XSOAR, Anomali, and EclecticIQ, as well as threat intelligence modeling languages and/or serialization formats such as STIX and TAXII.
- Extensive experience in threat modeling and identifying security risks in various ecosystems.
- Strong communication, leadership, and project management skills with the ability to work collaboratively with cross-functional teams, business partners, and external partners.
- Postgraduate qualifications in Cybersecurity or related fields and extensive relevant experience.
- Extensive experience and management expertise in vulnerability management within a large and complex organization.
- Security-related certificate(s) such as CISSP, CISM, or similar.
