Product Incident Manager

AYR Global IT Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations by providing proven and experienced consultants to our clients. Our competitive, transparent pricing model and industry experience make us a top choice of Global System Integrators and enterprise customers with federal and commercial projects supported nationwide.

Job Title: Product Incident Manager
Location: Philadelphia, PA

Application Development experience or demonstrated experience managing incidents with code-level vulnerabilities.

Core Responsibilities
The core responsibilities of this position are as follows:
Manage queue of reported vulnerabilities to ensure communications are promptly addressed, catalogued and internally distributed to appropriate internal stakeholders.
Validate, research, and prioritize/escalate findings as appropriate before circulation.
Manage each reported vulnerability and its status until resolution.
Partner with other teams in the security organization to manage communications and status reporting.
Attend technical calls with internal or external parties regarding reported vulnerabilities.
Document all information including the mitigation and remediation of reported vulnerabilities.

Skill and Abilities
Experience with vulnerability management
Experience with incident response methodology in investigations and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs)
Knowledge of systems administration (*nix/Windows), network engineering, and security engineering
Must be comfortable at the command line of a UNIX-like OS
Intermediate level understanding of cloud/vm, automation, and devops technology
Ability to use tools to process large text files
Knowledge of product development lifecycles
Familiarity with responsible disclosure practices
Ability to work with other technical security and development teams to remediate vulnerabilities
Experience with penetration testing and/or systems auditing
Knowledge of OWASP top 10, referring to NVD/CVE, CVSS Scoring
Intermediate level understanding of validation tools and methodologies (port scanners, etc).
Intermediate level understanding of common vulnerabilities in large/agile environments.
Experience with software development methodologies and the software used within large/agile environments
Project Management experience or PMP certification
Knowledge of networking concepts and analysis tools and operating systems, software, and security controls
Ability to perform independent research and report on findings
Ability to be a self-starter, quick learner, and detail oriented
Ability to perform analysis with strict attention to detail and display solution orientation to learn and adapt quickly
Possession of excellent oral and written communication skills, including communicating effectively under normal and stressful situations

If anyone might be interest, please share your resume at smalik(at)ayrglobal(dot)com or you can directly contact me at 630-444-7490