At JTI we celebrate differences, and everyone truly belongs. 46,000 people from all over the world are continuously building their unique success story with us. 83% of employees feel happy working at JTI.
To make a difference with us, all you need to do is bring your human best.
What will your story be? Apply now!
Learn more: jti.com
Reporting to: Infosec & Risk Management Director
Duty Post: GBS Manila, Taguig, Philippines
Application Duration: This job posting will remain open until the vacancy is filled.
Cyber SOC Vulnerability Manager
The Cyber Security Operations Center (CyberSOC) has ambitious goals to provide preventative protection to reduce the company attack surface.
As a Cyber Vulnerability Manager you will be responsible for identifying, assessing, and managing vulnerabilities within JTI systems, networks, and applications to enhance cybersecurity and reduce the risk of cyber attacks. This role involves implementing and overseeing vulnerability management programs and processes to identify security weaknesses, prioritize risks, and coordinate remediation efforts.
You will work closely with JTI IT and Network teams, CyberSOC colleagues, and stakeholders to ensure that vulnerabilities are properly assessed, documented, and addressed in a timely manner.
Responsibilities:
Assessment: Conducting regular vulnerability assessments across systems, networks, and applications to identify security weaknesses, misconfigurations, and potential vulnerabilities. Remediation: Coordinating with system administrators, developers, and other stakeholders to develop and implement effective remediation plans for identified vulnerabilities. This includes providing guidance and recommendations on patching, configuration changes, and security best practices to mitigate the identified risks. Reporting and Documentation: Creating comprehensive reports and documentation on identified vulnerabilities, their risk assessments, and remediation actions taken and progress to Cyber SOC Prevention Manager. This includes maintaining an up-to-date inventory of vulnerabilities and tracking their status throughout the remediation process. Vulnerability Management Program: Maintain JTI vulnerability management program that includes policies, procedures, and guidelines for vulnerability assessment, remediation, and ongoing monitoring. This involves staying up-to-date with the latest security threats, vulnerabilities, and industry best practices in collaboration with SOC CTI function. Risk Analysis: Analyzing the identified vulnerabilities to determine their potential impact and likelihood of exploitation. This involves assessing the risk associated with each vulnerability and prioritizing them based on their severity, criticality, and potential business impact. Collaboration and Communication: Working closely with cross-functional teams such as IT and business areas, different functions in the Information Security team to ensure effective communication and collaboration on vulnerability management efforts. This includes raising awareness about vulnerabilities, providing training and guidance to stakeholders, and fostering a culture of security awareness and responsibility. Security Compliance: ensuring that an organization's systems, networks, and applications are compliant with relevant security standards, regulations, and best practices.
Requirements:
2-3 years Vulnerability Management experience (from scanning to remediation). Experience in Compliance Monitoring (Security Hardening) will be considered as a plus. Excellent working knowledge of vulnerability assessment tools (primarily Tenable Security Center or Nessus), other vulnerability related tools will be considered as a plus. Knowledge of how to operate with a ticketing tool (primarily ServiceNow), similar ticketing tools will be considered Fluent English written and spoken Reading/Writing proficiency in Japanese is an advantage Analytical/problem solving ability Process management and Standard/Procedures literacy Change management Ability to work under constantly changing conditions and tight deadlines Strong verbal, written communication and presentation/dashboards skills
Are you ready to join us? Build your success story at JTI. Apply now!
Next Steps:
After applying, if selected, please anticipate the following within 1-3 weeks of the job posting closure: Phone screening with TA > Assessment tests > Interviews > Offer. Each step is eliminatory and may vary by role type.
At JTI, we strive to create a diverse and inclusive work environment. As an equal-opportunity employer, we welcome applicants from all backgrounds. We are committed to providing reasonable adjustments to applicants with special needs. If you require any accommodations, please let the Talent Advisor know during the selection process.