Vulnerability Management Analyst - Eveleigh, Australia - Commonwealth Bank of Australia

Commonwealth Bank of Australia

Verified Company

Eveleigh, Australia

2 weeks ago

Posted by:

Olivia Brown

beBee Recruiter

Description

Vulnerability Management Analyst

Vulnerability Management Analyst

You are a problem solver with a background in API and/or Container security
We are service orientated and take ownership
Together we can make a difference to our customers by owning the customer experience

Your business:

Cyber Security protects the bank and our customers from theft, loss, and risk events through effective and proactive management of cyber security, privacy and operational risk.

Your new team:

The Vulnerability Management team is responsible for identifying vulnerabilities through local
- and network-based vulnerability scanning, and ensuring remediation through assessment and reporting.

In this exciting and challenging role, you will:

Conduct security assessments on the banks APIs and Containers to identify vulnerabilities and recommend remediation steps
Analyse and interpret security scan results from automated scanning tools such as Noname or Sysdig to identify vulnerabilities and remediation steps
Work with development and operations teams to ensure that APIs and Containers are designed, developed, and deployed with security in mind
Collaborate with other members of the security team to maintain and improve our overall security posture
Stay current with emerging security threats and vulnerabilities and recommend appropriate mitigating measures

Do work that matters:

As a Vulnerability Management Analyst, you will work across various tools and technologies, while supporting the wider Cyber Attack teams.

You will perform vulnerability assessments and triage findings from the automated scans, and provide guidance to the various functional and technical stakeholders in addressing these findings.

This role is suitable for someone with a background in API and/or Container software

You will bring:

Experience across APIs and/or Container technologies essential
Offer expert knowledge across security best practices including OWASP Top 10, NIST guidelines highly regarded
Experience in Selenium highly desirable
Expertise in security tools like NoName, Sysdig or Qualys highly desirable
Expertise in security testing tools such as Burp Suite or Selenium highly desirable
Have an understanding of the financial industry regulatory requirements such as PCI-DSS, GLBA, and SOX
Excellent analytical and problemsolving skills
Ability to work independently and as part of a team
Have strong written and verbal communication skills

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on

Advertising End Date: 28/05/2024

Job ID REQ202695