**About the role**:
We're looking for an experienced and passionate Consultant, Information Security "Threat and Vulnerability Management" to join our Information Security Services team!
Being part of this team, you will drive our threat and vulnerability management across the technology stack.
Your job is to identify and help remediating security threats and weaknesses early on as well as and modelling their potential risk for our infrastructure and IT solutions.
Your work is essential to prioritize our global defenses and react quickly to an ever changing, dynamic threat landscape.
To achieve this, you will be interacting with our business colleagues, our Cyber Defense Center, and our operations teams across the globe, to name a few.
**Team Introduction**:
Information Security Services cooperates with all division under the IT Security, Risk and Compliance Management team to meet business partner's requirements to maintain the confidentiality, integrity and availability of the IT infrastructure and assets.
Services provided are but not limited to:
- Vulnerability Assessment
- Penetration Testing
- Threat Intelligence
The team also provides consultation by reviewing existing network and system/software architectures and will recommend best way forward to both strengthening existing security mechanisms and compensating for any inherent security weaknesses.
Other than that, the team evaluates and examines raised changes (RFCs) to ensure that all security aspects are taken into consideration before a change is approved.
**What you will do**:
- Maintain knowledge of the threat landscape
- Monitor availability of exploits, analyze impact and risk, and help to set priorities for remediation management
- Experience in assessing and categorizing threats based on risk impacts/exposures
- Assess and monitor the secure configuration of our assets - determine deviations from acceptable configurations, assess the risk and develop/recommend appropriate mitigation measures
- Communicate regularly to our stakeholders about risk position and mitigation
- Participate on change and configuration management by doing technical security reviews
- Assist and train junior team members
**Application you will use**:
- Prior knowledge in vulnerability management & policy compliance scanning tool such as Qualys
- Prior knowledge in asset management tool such as Altiris
**What you should have**:
- At least 5 years of experience in threat and vulnerability management in complex environments
- Threat centric understanding of vulnerability management
- Experience in automating recurring tasks by scripting and API utilization
- Communication and time-management skills
- Ability to adapt to dynamic threat landscape in a global environment
- Ability to evaluate any impacts from sources of threat intelligence and provide the required recommendations
- Ability to work unsupervised, under pressure and meet deadlines
- Creative with strong commitment to quality and excellence
- Educated to degree level in IT Security, Engineering or equivalent
- Strong analytical skills and efficient problem solving
- Fluency in English
**What are the plus points**:
- Certifications like GIAC family, CISSP, CISA, CEH, ECSA, LPT CompTIA Security+ or similar
- Data Analytics
- DHL is an equal opportunity employer._ _We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected characteristic._