Cloud Security Services logo

Attack Surface Management (ASM) Operationalization Consultant

Cloud Security Services
Contract
Remote

About the opportunity:
Cloud Security Services is seeking an Attack Surface Management (ASM) Operationalization Consultant to further develop and enhance the client’s ASM operational framework.  Candidate must have a demonstrated and hands on background in the Axonius platform and experience working in enterprise environments. This is a 12-week remote project opportunity.


Key Responsibilities
Develop and enhance an ASM operational framework including but not limited to:

  • Roles and Responsibilities (RACI) 
  • Vulnerability Severity Rating Definition and Prioritization 
  • Metric Requirements 
  • ASM Operational Workflows 
  • ASM Configuration Standards 
  • ASM Report Development 


Required Skills

  • 3-5 Years Experience in ASM 
  • 5 – 10 Years Experience in vulnerability management, IT service management and IT GRC
  • Experience with the Axonius platform 
  • Familiarity with vulnerability detection platforms and the connectors used to ingest vulnerability data 
  • Cybersecurity vulnerability Identification 
  • Cybersecurity Vulnerability Assessment for Remediation and Prioritization 
  • Continuous Control Monitoring 
  • Cybersecurity Threat Detection 
  • Cyber Asset Management 
  • Vulnerability Management Automation 
  • IT Infrastructure Library (ITIL) and IT Service Management experience 
  • Experience operationalizing vulnerability and asset management platforms 
  • Diagramming operational workflows 
  • Ability to develop report requirements 
  • Ability to develop metric requirements  
  • Understanding of NIST and equivalent risk management frameworks 
  • Excellent analytical skills 
  • Ability to leverage existing documentation 
  • Collaborative team worker – both in person and virtually using MS Teams or similar 
  • Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel and PowerPoint 
  • Ability to work as liaison between business and information security / information technology 
  • Flexibility to accommodate working across different time zones 
  • Excellent interpersonal communication skills with strong spoken and written English 
  • Business outcomes mindset 
  • Solid balance of strategic thinking with detail orientation 
  • Self-starter, ability to take initiative
  • Project management and organizational skills with attention to detail 


Preferred Skills

  • Red Team, Blue Team, Purple Team or Penetration Testing Experience 
  • ServiceNow, Jira or equivalent service management platform experience 


Required Education

  • Bachelor's degree (BA/BS) from four-year college or university; or equivalent training, education, and work experience.
  • Cybersecurity certifications such as CISSP, CISM, etc.
Apply now
Share this job
Twitter Facebook Linkedin Email