Consultant, Vulnerability Management

About the role

The role provides support for the technology-based vulnerability/configuration scanning services and finding management across NAB's Key assets to meet security obligation MAIN RESPONSIBILITIES Provide direction for NAB in the usage of Vulnerability Scanning as a key protection for the bank for both internally and externally facing assets Measure scanning coverage, identify scanning gaps and plan for scan coverage enhancement Provide direction for NAB in the usage of Vulnerability Scanning as a key protection for the bank for internally facing assets Identifying , evaluating, treating, and reporting on security vulnerabilities in systems and the software that runs on those systems. Prioritize threats and minimize the vulnerabilities by triaging with stakeholders especially on perimeter. Promote the use of Vulnerability Scanning and Policy Compliance scanning and establish a BAU rhythm to effectively detect and scan NAB's digital assets, including those of Subsidiaries and externally hosted 3rd party vendors Support the bank in an uplift of security across the technology teams by building good relationships with key stakeholders, supporting them in their understanding of the identified issues Promote the remediation of any vulnerabilities or weaknesses identified by the vulnerability and policy compliance scanning Support the development and maintenance of controls, processes, documentation, and automation to support and maintain the efficient running of the Vulnerability and Policy Compliance scanning services Support in the development of the team to be able to support the tools and processes required to provide vulnerability and policy compliance scanning, and Findings management Collaborate in the development of Reporting to assist NAB understand control effectiveness, NAB's vulnerability exposure and security configuration posture Support the use of 3rd party tools and hold vendors accountable for the services NAB purchase by overseeing issues requiring resolution, managing release cycles, assessing new features NAB might adopt and driving a ROI YOUR SKILL & EXPERIENCE 3+ years of experience in Infra Vulnerability scanning and policy compliance scanning 3+ years of experience in a specific technology (Windows, Database/Linux/etc.) 3+ year experience in technology support (e.g. Sysadmin) OR in Application development 1+ year experience stakeholder engagement 1+ year experience in management or TL Strong awareness of best practice in security and a drive to self-educate in the field Experience with Vulnerability scanning for Infrastructure and Applications Experience with Vulnerability and Policy Compliance scanning Good working knowledge of Findings Management Experience in IT either, technology support, application development or application support Have experience in problem solving across multiple teams Be able to build strong productive relationships with key stakeholders Have passion, drive, enthusiasm, and will be a self-starter; An understanding of Security principles Proven ability to work both individually and within a team environment (at times with little guidance), build strong relationships and maintain rapport with internal NAB stakeholders and 3rd party service providers Methodical, analytical approach with outstanding attention to detail Excellent verbal and written communication skills Strong team working skills are essential Ability to attend to the detail on multiple concurrent tasks while meeting various deadlines Ability to develop thorough, clear and concise action plans/objectives Ability to work autonomously and organise/prioritise own work schedule on a short-term basis THE BENEFITS AND PERKS We appreciate and reward our colleagues who do great work every day - from excelling for our customers, to taking ownership of an issue to get it resolved. Here's how we support our people with a range of exclusive benefits. 1. Generous compensation and benefit package Attractive salary 20-day paid annual leave and 7-day paid sick leave 13th month salary and Annual Performance Bonus Premium healthcare for yourself and family members Monthly allowance for team activities Premium welcome kit and occasional gifts of appreciation Extra benefits on your work anniversary 2. Exciting career and development opportunities Large scale products with modern technologies in banking domain Clear roadmap for career advancement in both technical and leadership pathways Access to digital learning platform such as Udemy Consistent and high-quality leadership training through the Distinctive Leadership program (DLP) Specialist capabilities and accreditations in key skill areas such as Cloud Engineering, Digital, Data, Security and SREs (Site reliability engineers) Sponsored English course with native teachers Opportunity for training in Australia 3. Professional and engaging working environment