Vulnerability Management Analyst (SG)
CBD, Central Singapore, Singapore
Applications have closed
Crypto.com
Over 80 million users buy, sell, and trade Bitcoin, Ethereum, NFTs and more on Crypto.com. Join the World's leading crypto trading platform.Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With over 10+ million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have CCSS Level 3, ISO27001:2013 and PCI:DSS 3.2.1, Level 1 compliance. Crypto.com is with a 2600+ strong team globally. For more information, please visit www.crypto.com.
Description
Crypto.com is seeking experienced Vulnerability Management & Configuration Management analysts to join our high-performing and agile team. This role has the direct responsibility for supporting the Vulnerability Management and Configuration Management program. The Vulnerability Management Analyst will perform assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. The Vulnerability Management Analyst will measure effectiveness of defense-in-depth architecture against known vulnerabilities.
Responsibilities
- Assist in the analysis and remediation of findings discovered during scheduled internal and third party vulnerability scans and penetration tests
- Review and triage vulnerability alerts into manageable reports for other analysts and management to review
- Assist in asset management activities
- Manage vulnerability and configuration scanning tools, like setting up vulnerability scanners, scheduling scans, tuning scanning profiles, etc.
- Use asset risk profiles, vulnerability severity ratings, and threat information to communicate priorities for remediating vulnerabilities
- Provide stakeholders with advice and assistance in identifying false positives and cost-effective vulnerability remediation or mitigation solutions
- Develop security documentation under the guidance of the Vulnerability Management & Configuration Management Lead
- Assist in patching remediation actions like providing scripts
- Provide support and input for assessing risks associated with unmitigated vulnerabilities and configuration weaknesses.
- Support asset management initiatives by assisting with asset identification, classification and ownership.
Requirements
- 3+ years of experience working in information security
- 2+ years of experience in vulnerability assessment & remediation
- Knowledge of common framework like CIS, NIST, etc.
- Experience conducting security risk assessments
- Experience of using vulnerability management tools like Tenable, Qualyst, Tripwire, etc.
- Cloud experience (AWS, Azure, GCP) a plus.
- Proficiency in a scripting language like Python, PowerShell, or Bash is preferred.
- Information Security certifications (CISSP, SANS GIAC, Security+, etc.) a plus.
- High work ethic and sense of ownership for the delivered results.
- Excellent communication skills in English (spoken & written) and comfort communicating security risks and controls to technical and non-technical partners required.
Benefits
- We offer an attractive compensation package working in a cutting-edge field of combining cryptocurrency and financial services.
- Huge responsibilities from Day 1. Be the owner of your own learning curve. The possibilities are limitless and depend on you.
- You get to work in a very dynamic environment and be part of an international team.
- Flexible working.
Tags: Agile AWS Azure Bash CISSP Cloud Compliance Crypto GCP GIAC ISO 27001 NIST PowerShell Privacy Python SANS Scripting Tripwire Vulnerabilities Vulnerability management Vulnerability scans
Perks/benefits: Career development Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs