Information Security Analyst: Vulnerabilty management
Ryanair Labs Wrocław is a state of-the-art digital & IT innovation hub based in Wrocław, Dublin and Madrid, creating Europe's Leading Travel Experience for customers. As a result of our continued expansion, we want to hear from the best IT developers Wroclaw has to offer to join our Travel Labs.
Role Summary: This position will be a member of the Ryanair Information Security team, supporting the analysis of application vulnerabilities and the impact of those vulnerabilities will have on the systems and data. Use the expertise to identify priority level for vulnerability fix actions and contribute to integrate metrics to the IS Program.
3+ years of direct, documented, and verifiable experience with the following:
- Administration of vulnerability scanner or related tool
- Full-stack knowledge of IT and associated vulnerabilities:
- Operating systems — Windows, Unix and Linux
- IP networks — WAN and LAN
- Understanding of a risk based approach to vulnerability management
- Ability to quantify risk and assign applicable remediation timelines and tasks
- Developing appropriate metrics to show progress of a vulnerability management program
- Good written and verbal communication skills, able to convey business impact and risk or security vulnerabilities
- Bachelors in Information Technology, or a related field, or equivalent work experience
- Applicable industry certifications preferred but not required
- Be a subject matter expert for vulnerability management, educating and ensuring that business and technology teams understand the nature of discovered vulnerabilities, its risk to the business and the criticality/prioritization for remediation activities.
- Administer and manage the vulnerability scanning infrastructure
- Coordinate and collaborate with IT teams to identify and remediate vulnerabilities
- Coordinate with internal security testers and other stakeholders for reporting on security bugs within internally developed applications
- Define compensating controls as well as remediation tasks to mitigate risk of vulnerabilities
- Generate operational and risk metrics that support the vulnerability and patch management program