Vulnerability Management Program Specialist
Ottawa, ON, Canada
ADGA Group Consultants Inc
Brilliant Minds. Critical Challenges. Proven Solutions. Solving complex problems for our clients across the Canadian defence, public, and commercial sectors.
Founded in 1967, ADGA is a privately owned and operated Canadian company. We employ over 700 highly skilled team members who apply their knowledge and expertise in service delivery of advanced technology solutions for clients in the Defence, Security and Professional Services markets across Canada.
Celebrating over 50 years in business, we are proud to be one of Canada’s most trusted professional engineering and consultancy firms. Our clients continue to rely on ADGA to provide subject matter expertise, and quality talent to fulfill their business objectives. We have done so successfully by anticipating and responding to the constant changes in technology, and evolving with agility.
Our culture of commitment, trust, and accountability guides our business, fosters our growth, and is at the core of our relationships with clients, employees and consultants. Whether your projects involve complex, large-scale requirements or call for dependable, professional resources to execute on time and on budget, you can count on ADGA to deliver. We are dedicated to your success.
ADGA Group Consultants Inc. is hiring a Vulnerability Management Program Specialist.
As the Vulnerability Management Program Specialist, you will play a pivotal role in a comprehensive project aimed at building a robust Vulnerability Management (VM) program for our client. This involves creating governance models, policies, and remediation execution models. While this initial phase does not involve tool implementation, your expertise is crucial for shaping the program's foundation.
Your responsibilities will include defining the VM program's governance model, policies, and remediation execution model, focusing on roles (RACI) and key performance indicators (KPIs). You'll also establish scan policies, covering frequency, types, and target selection.
In addition, you will play a pivotal role in ensuring the security of our organization's digital assets. This includes prioritizing and categorizing vulnerabilities, defining workflows, and setting SLAs/KPIs for remediation efforts.
You'll oversee the development and enhancement of our client's VM Program, defining its scope, identifying gaps, and recommending suitable tools. A key deliverable is a comparison report on vulnerability management platforms, with a suggested platform of choice to guide our client's decision-making.
- Define the scope of the Vulnerability Management Program.
- Identify gaps between the current state and the desired state of the Vulnerability Management Program.
- Recommend and select Vulnerability Management tools based on industry standards and best practices.
- Develop a concise overview of the technological architecture required for the Vulnerability Management program, focusing on tool selection and integration.
- Construct a strategic roadmap outlining key milestones and timelines for the Vulnerability Management program's development, providing a clear trajectory for implementation.
- Develop and update governance models to ensure effective program oversight.
- Develop and update Vulnerability Management program policies.
- Identify and update key stakeholders and define their roles and responsibilities within the program.
- Define and update vulnerability prioritization and categorization policies and workflows.
- Establish and update vulnerability remediation and retest workflows, including RACI and SLAs/KPIs.
- Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
- Proven experience in developing and implementing Vulnerability Management Programs.
- In-depth knowledge of industry-leading vulnerability assessment and management tools such as Tenable, Qualys, Rapid7, OWASP, and SolarWinds.
- Strong understanding of cybersecurity best practices, standards, and frameworks.
- Excellent analytical and problem-solving skills.
- Effective communication and collaboration abilities.
- Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) preferred.
- Must currently hold Federal Government Secret Clearance.
- Copies of Degree/Diploma/Certifications will be required.
ADGA commits to putting diversity into action to build a stronger, more representative team and help our customers and communities thrive. We are a proudly Canadian company, striving to further diversity, equity, and inclusion in the workplace and provide every individual with the opportunities and resources to help them reach their full potential.
Since being acquired by Commissionaires Ottawa, ADGA has adopted the social mandate of Commissionaires to create meaningful employment opportunities and generate financial resources for veterans of the CAF, RCMP, their families, and fellow citizens who share a passion to contribute to the security and well-being of Canadians.