Cybersecurity Product Vulnerability Manager

You will be responsible for executing all aspects of the product vulnerability management program. You will help protect our and Hitachi Energy's customers by identifying, handling reported vulnerabilities related to Hitachi Energy Products and offerings. You will be required to develop an effective, collaborative relationship with a significant number of internal and external stakeholders.

In this role you will report to the Vulnerability and Asset Discovery team Manager.

Your responsibilities

• Product Vulnerability Management: Support the product vulnerability process. Ensure effective, repeatable, and predictable processes to handle vulnerabilities in Hitachi Energy's product offerings in a consistent, responsible, and timely manner from discovery, reporting through publication of the Cybersecurity Advisories.

• Vulnerability Management: Support delivery of the vulnerability management program, including vulnerability scanning, vulnerability assessments, and tracking support for vulnerability remediation. Prioritize remediation tasks based on risk level, assign them to the relevant system owner, and monitor progress until completion. Interact with both technical and business stakeholders, establish, and maintain relationships. Help drive vulnerability management service delivery end-to-end, from evaluation to resolution. Maintain all documentation, reporting and key performance indicators.

• Business Interaction: Support the identification of stakeholders, manage exception processes, prepare, reporting as needed.

• Security Operation: Interact with other cybersecurity service delivery teams, to improve overall security posture: Develop and deliver risk analysis, lessons learned, improvement activities.

• Continuous Improvement: Participate in the further development of the vulnerability management service. Identify areas for improvement and support implementation.

Your background

• Minimum 5 years of experience in Operational Technology or Information Technology or Information Security is required, with at least 3 years of experience of Vulnerability Management.

• Experience at the corporate level of large, global organizations.

• Self-organized, ability to work in complex environment and to prioritize efficiently under high workload, especially in a remote work environment.

• Good exposure to security tools like Tenable, ServiceNow, Azure Security Center, Defender etc.

• Experience interacting with third party providers and with internal teams to resolve & close security vulnerabilities.

• Experience with relevant Frameworks and Security Standards (NIST, ISO, etc.), familiarity with ISA/IEC 62443 (huge bonus).

• Experience with Threat analysis, CVSS Assessment, Risk Assessment, CWE Mapping.

• Knowledge of CSAF and VEX (huge bonus).

• Exceptional knowledge of security domains and cybersecurity tactics, techniques, and procedures.

• Excellent written and verbal communication with proven ability to interact with technical and non-technical stakeholders.

• Relevant Information Security Certifications (ISA/IEC 62443, CISSP, CISM etc.) are preferable.

• Fluency in verbal English and excellent English writing skills are essential.

• No travel required.

Apply now