VULNERABILITY MANAGER

About Security Bank

We are the Philippines' largest independent bank, having won countless awards over the years, including Philippines' Top Employer, named by Statistica, and Best Bank for Diversity and Inclusion, awarded by Asiamoney.​​

We’re changing how people bank. From the moment customers enter our branches to their experience online, we make them feel valued and empowered.​
​
Now, with more than 300+ branches nationwide, BetterBanking has become the gold standard in improving the banking lives of millions of Filipinos. But we’re far from done.​

In our constant pursuit of excellence and improvement, we create teams that support our business and each other. 

About the role:

As Vulnerability Manager, you will be responsible for ensuring that the regular vulnerability assessment and penetration testing are conducted on a regular basis. The Vulnerability  Manager shall 
ensure that their identified vulnerabilities are accounted and resolved within the agreed time frame

How you'll contribute: 

• .Conducts vulnerability assessment and penetration testing based on scope and agreed 
  timeline.
• Identifies critical flaws in applications and systems that attacker could exploit.
• Participates as Subject Matter Expert (SME) and provides consultative recommendation 
  in discussion related to Vulnerability Assessment and Penetration Testing 
• Regular interaction with the IT VAPT team to understand the new technology and scanning 
  process.
• Uses automated tools to pinpoint vulnerabilities, exploitation and reduce time-consuming 
  tasks
•  Configures the vulnerability scanner and ensure that scans are scheduled and performed 
  accordingly
• Uses manual testing techniques and methods to gain a better understanding of the 
  environment and reduce false negatives.
•  Coordinates with Network Operations Center (NOC), Incident Response Team (IRT), 
  Security Operations Center (SOC) and other units on matters related to cyber security 
  incidents due to unknown or identified vulnerability

What we’re looking for

•  Flexible and capable of taking multiple tasks and meet tight deadlines
• Self-motivated and result-oriented, driving projects to meet the designated schedule
•  Excellent interpersonal communication & presentation skills.
• Proficient in both oral & written communication.
• Knowledge on IT Operations, IT Network/Infrastructure, Information Security, Vulnerability 
  Management, Risk Management.
• Experience with various operating systems including Windows, Linux and Unix
   Experience with various security tools and products (Nessus, Qualys, Metasploit, Burp Suite, 
  Core Impact, etc.)
• Understanding on Security and Infrastructure Architecture/Technologies: including but not 
  limited to Routers, Firewalls, IDS, VPN, Multi/Two Factor Authentication, Identity 
  Management, Data Leak Prevention, Encryption, Application Security, Vulnerability