WTW Cloud Operations Vulnerability Management Engineer * in Taguig, Philippines
Our cloud operations team is continuously expanding in terms of services and technology. We are looking for a Vulnerability Management Engineer who will play a crucial role in ensuring the security and stability of our technology infrastructure across the whole company. You will be tasked
to be the technical lead for a team who is responsible for identifying, assessing, and mitigating vulnerabilities across our systems, networks, and applications working 3 shifts. The line management will be Manila based but there will be a matrix line management team based in the UK. This team is a new startup team working with the Cloud Operations team extensively in managing the various infrastructure of WTW.
The following are key responsibilities we are looking for BUT we are keen to recruit talented individuals who have
a learning agility and looking to develop their career further.
Provide expert level technical assessment, recommendations
Lead in complex and high priority Tasks and projects
Perform necessary mentoring and coaching to more junior team members
Continuously look for areas of innovation, improvement
Suggest new or latest tools and technologies
Lead and implement proof of concepts or technology/process rollouts for innovation and improvement
Lead the vulnerability management program by regularly conducting vulnerability assessments, scans, and penetration tests across our IT landscape.
Collaborate with cross-functional teams to identify and prioritize vulnerabilities based on their severity and potential impact.
Implement industry best practices for vulnerability remediation and track the progress of remediation efforts.
Stay current with emerging cybersecurity threats and vulnerabilities through continuous monitoring of industry trends, threat feeds, and security advisories.
Analyze threat intelligence data to anticipate potential risks and proactively address vulnerabilities before they are exploited.
Risk Assessment and Reporting:
Conduct risk assessments to evaluate the potential impact of identified vulnerabilities and recommend appropriate risk mitigation strategies.
Prepare and present comprehensive vulnerability assessment reports to technical and non-technical stakeholders, including senior management.
Collaboration and Training:
Work closely with IT teams to provide guidance and recommendations for vulnerability remediation.
Collaborate with system administrators, developers, and other relevant stakeholders to ensure secure software development practices.
Conduct training and awareness sessions for employees on cybersecurity best practices and the importance of vulnerability management.
Compliance and Standards:
Ensure compliance with relevant industry standards, regulations, and frameworks related to vulnerability management (e.g., ISO 27001, SOC, SOX).
Bachelor's degree in Computer Science, Information Security, or a related field.
Professional certifications such as CISSP, CISM, CEH, or equivalent.
Proven experience (5+ years) in vulnerability management, penetration testing, or related roles.
Strong knowledge of common cybersecurity vulnerabilities, attack vectors, and risk assessment methodologies.
Proficiency in using vulnerability scanning tools and platforms
Excellent communication skills with the ability to convey technical information to both technical and non-technical audiences.
Strong analytical and problem-solving abilities.
Excellent written and oral English communication skills
Experience in working in multiple time-zones/countries and rotating shift systems to align with business demands.
Communicate and share knowledge with wider team so there is continuous learning and knowledge transfer across the team
Equal Opportunity Employer
- WTW Jobs