Yale University, conveniently located between Boston and New York, offers exciting opportunities for achievement and growth in New Haven, Connecticut. Located in the heart of historic downtown New Haven with more than 100 local boutiques, national retailers, cafés, casual eateries, award-winning restaurants, and world-renowned theaters, galleries, and museums.
The Information Security Office at Yale University in New Haven, CT is seeking a talented Cybersecurity Lead for Vulnerability Management.
This is a new role on a new team at Yale. You will be helping build a mature vulnerability management and application security program at one of the world’s top research universities.
Additional responsibilities include:
Conducts network, system, and application vulnerability assessments, using manual and automated tools, on University systems including UNIX/Linux, Windows, cloud services, virtualization environments, network devices, databases, applications, web servers and operational technology devices.
Trains and mentors Vulnerability Management Team members on operational practices and information security topics.
Leads automation efforts in the detection, categorization, reporting and tracking of identified vulnerabilities.
Analyzes and reports on vulnerability trends to identify areas of prioritization based on risk.
Collaborates with engineering teams to understand vulnerability managements needs and assist with remediation and mitigation strategies.
Provides verbal and written reports on vulnerability risk to executive, business, and technical stakeholders.
Contributes to information technology vulnerability management and risk strategy.
Maintains current knowledge of the threat landscape including attacker tactics, techniques and procedures.
Required Education and Experience
Bachelor's Degree in a relevant technical field and a minimum of four years of related technical experience or an equivalent combination of education and experience.
Proven ability with vulnerability management tools such as Tenable Nessus, Qualys, Rapid7, Acunetix, ZAP, and BurpSuite.
In-depth knowledge of infrastructure and application security concepts and tools.
Scripting and/or programming skills.
Excellent verbal and written communication skills and the ability to communicate risk at varying levels of the organization.
Preferred Education, Experience and Skills:
Experience as a technical lead.
Experience with static and dynamic application security tools, techniques and procedures.
Experience with incident response and forensics.
Experience as a software developer.
Experience as a system or network administrator.
Experience with standard information security control and compliance frameworks.
We invite you to discover the excitement, diversity, rewards and excellence of a career at Yale University. One of the country's great workplaces, Yale University offers exciting opportunities for meaningful accomplishment and true growth. Our benefits package is among the best anywhere, with a wide variety of insurance choices, liberal paid time off, fantastic family and educational benefits, a variety of retirement benefits, extensive recreational facilities, and much more.
Yale University considers applicants for employment without regard to and does not discriminate on the basis of an individual’s sex, race, color, religion, age, disability, status as a veteran, or national or ethnic origin; nor does Yale discriminate on the basis of sexual orientation or gender identity or expression.
Valid through: 3/19/2021
$100K — $150K
22 days ago