Vulnerablility Manager

Proclinical are recruiting for a Vulnerability Manager to join a pharmaceutical organisation. This role is on a permanent basis and is located in Lachen.

Responsibilities:

• You will develop management-level communications which involves constant report of business centric security metrics for the VM service.
• The ideal candidate will advise and mentor IT colleagues and any other technical teams such as platform owners, production automation teams, to aid in delivering vulnerability remediation across all sites.
• Assist ISRM colleagues on the design of security education training awareness program, with lessons learned and root causes recognised within the VM service delivery.
• Responsible for improving and running the security vulnerability management service for IT and OT assets, as well as in systems hosted in public and private clouds.
• Operate with a 'service outlook' with efficient and positive collaboration with IT platform owners and any other IT colleagues, as well as with third party security providers.
• You will serve as a cybersecurity SME, examining the business impact of cybersecurity risks posed by vulnerabilities, recognising alternative risk mitigation actions for such risks.
• Other duties may be assigned.

Key Skills and Requirements:

• Educated to a degree level in an information security, IT or corresponding.
• Pertinent security certifications, for example: ISC2, ISACA, CREST CCTIM or CCIM, SANS and Vendor Certifications would be ideal.
• Demonstrable experience within IT in pertinent roles, for example: systems developer, network engineering and operations, or security engineering.
• Exhibited experience in vulnerability management, ideally within organisations which have manufacturing business operations.
• Expertise in vulnerability solutions such as Qualys, Claroty or similar used in OT networks.
• Comprehension of VM security theory and application which involves Vulnerability lifecycle and rating such as CVSS-SIG/CVE-Mitre; OWASP / Top 10; and Application security testing strategies such as SAST, DAST, IAST, and RASP.
• Familiarity with running penetration testing with third party service providers from contracting through remediation of discoveries.
• Know-how of exploitation of vulnerabilities, attack patterns, threat actors TTP's such as Techniques, Tactics & Procedures; use of the Mitre ATT&CK and any other threat modelling frameworks.
• Expertise on GxP, CSV and pharmaceutical organisation linked guidelines would be ideal.
• Acquaintance within vulnerability management for operations technologies infrastructure and systems is preferable.
• Capable of outlining project/program objectives and roadmaps based on business/service customer requirements and tactical direction as well as guarantee that committed projects are delivered by the pertinent team members in a timely manner.
• A confident individual with a high level of integrity and presents self in a professional manner.
• Communication skills both verbally and in writing.
• Fluency in German and English.
• A resilient individual with the ability to be motivated with a high degree of responsibility.
• Good operating capabilities within a dynamic team setting.
• Presentation and training skills with the ability to manage relations, consult and deliberate.
• Able to work within a matrix and geographically dispersed organisation.

If you are having difficulty in applying or if you have any questions, please contact Jana Van Zyl at +41 61 568 79 82.

Proclinical is a specialist employment agency and recruitment business, providing job opportunities within major pharmaceutical, biopharmaceutical, biotechnology and medical device companies.

Proclinical Staffing is an equal opportunity employer.

#LI-JV3

#IT&DigitalTransformation