Associate, IT Security Vulnerability Management

Associate, IT Security Vulnerability Management Coordinator

**Overview**:
Nomura employs a robust Vulnerability Management (VM) team, members of which are located in all of its major regions, namely EMEA, Americas, India, Singapore, and Japan. This team is separated into two distinct areas:

- Vulnerability Management - Operations
- Vulnerability Management - Coordinators

Operations is responsible for the day to day BAU requirements of VM operations along with vulnerability and policy based remediation, analysis, notification and tracking. Members are also responsible for designing, implementing and maintaining Nomura's IT Security Policy and strategies Coordination is more focused on vulnerability analysis and remediation of the vulnerabilities. They will be using the regular scan results and work with the varying remediation teams to remediate the vulnerabilities within set Patch/Remediation Guidelines

**Responsibilities**:
This position will coordinate information and actions across all Regional Teams (other regional VM leads and coordinators), meeting with them regularly through regional handovers. The position will also be responsible for regional regulatory, audit and KRI reporting ensuring regional VM scanning, remediation and policy scans ensuring SLAs and reporting KRIs. The focus of this resource will be primarily AEJ Region (but includes coverage across the global; handover of other regional Ops resources is critical)

The position also will be required to know and work along with other teams in these varying areas:

- Threat Intelligence
- Security Operations Centre
- Security Surveillance
- Vender Risk Management
- Cyber Incident Response and Forensics
- Penetration Testing and Red Team Exercises
- Governance, Risk, and Compliance (GRC),
- Security Architecture
- IT Security Policy Setting
- Information Security Management and Training

All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)).

**Requirements**:

- Minimum Degree in Information Technology or Computer Science from an accredited University
- Minimum of 10 years' experience in IT Security focusing on Vulnerability Management and Vulnerability Management Coordination
- Experience with server administration (on Windows, UNIX, Database, Networks platforms)
- Experience in conveying complex information that is easily understandable to non-technical individuals and business clients while under strict deadlines.
- Must have solid critical thinking skills and be able to collect and analyze evidence from logs, monitoring and other diagnostics
- Possess security certifications such as: Nexpose NCA/NACA, AWSCS, PCCSE, CISSP, CISM, CISA, Security+, CEH, CCSK, or similar industry recognized certifications.
- Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
- Must have prior experience in an IT operations/support role and IT Security
- Strong Operational Knowledge and conceptual understanding of other infrastructure and Security technologies as it pertains to servers, database, core services, and networks.
- Ability to prioritize and effectively triage issues.
- Ability to effectively balance time between day-to-day support work and project-related tasks.
- Ability to work in a team-oriented setting is a definite requirement with strong interpersonal skills.
- Ability to deal with changing priorities and work with global teams 4
- Vulnerability Management Tooling (Rapid7 or other VM Tooling background)
- Operational Support Experience within MS Active Directory or Exchange infrastructure
- Operational Support Experience within Red Hat Enterprise Linux, or Solaris based systems
- Operational Support Experience within Networking
- Other best-practice IT certifications such as ITIL or COBIT
- Working Knowledge with Service Now and/or CMDB concepts

**Diversity Statement**

Nomura is committed to an employment policy of equal opportunities, and is fundamentally opposed to any less favourable treatment accorded to existing or potential members of staff on the grounds of race, creed, colour, nationality, disability, marital status, pregnancy, gender or sexual orientation.

**DISCLAIMER** **:This Job Description is for reference only, and whilst this is intended to be an accurate reflection of the current job, it is not necessarily an exhaustive list of all responsibilities, duties, skills, efforts, requirements or working conditions associated with the job. The management reserves the right to revise the job and may, at his or her discretion, assign or reassign duties and responsibilities to this job at any time.**

Nomura is an Equal Opportunity Employer

Job ID 5527