Vulnerability & Incident Handler

In today's rapidly evolving digital landscape, the ability to effectively manage cybersecurity vulnerabilities and incidents is critical to maintaining organizational trust and operational integrity.

We are seeking a highly skilled Vulnerability & Incident Handler to serve as the coordinator for all cybersecurity incident and vulnerability management efforts within Digital Energy Division.

This individual will ensure swift, coordinated, and efficient responses to threats, minimizing potential damage and safeguarding sensitive data.

Key Responsibilities:


* Organize our response to vulnerabilities reported against our products and systems:- This involves promptly acknowledging receipt of vulnerability reports, systematically assessing the potential impact on our products and services, prioritizing remediation efforts based on risk, and coordinating with development and operations teams to ensure timely resolution.

All findings and actions are carefully documented for transparency and future reference.


* Coordinate our actions in response to cybersecurity incidents at customer sites, or on internal exposures involving our offers:- Establish clear communication channels with affected customers, assemble cross-functional incident response teams, and conduct thorough investigations to understand the origin, scope, and impact of incidents.

Our actions include containment, mitigation, and recovery steps, as well as ongoing updates to stakeholders throughout the incident lifecycle.


* Support security advisors and teams to prepare public disclosures :- drafting clear, accurate, and timely security advisories, reviewing technical content for correctness, and ensuring all necessary regulatory and compliance requirements are met.

Work collaboratively to anticipate potential questions and provide extensive documentation and FAQs to assist customers in understanding and addressing disclosed vulnerabilities.


* On a regular basis inform stakeholders on pending public disclosures and vulnerability action plans:- maintain regular briefings and status updates for internal and external stakeholders, sharing timelines for public disclosure, remediation strategies, and required customer actions.

Regular communication ensures all parties are prepared for upcoming announcements and can take necessary steps to protect their systems.


* Maintain a view on cybersecurity risk across the line of business product portfolio and organize mitigations, including on 3rd party components & suppliers :- continuously monitor our entire product suite, including dependencies on third-party components, for emerging threats and vulnerabilities.

This includes performing risk assessments, tracking supplier security postures, and implementing mitigation strategies such as patches, configuration updates, or supplier engagement to reduce overall cybersecurity risk.


* Identify opportunities for efficiency improvement and lead improvement actions:- analyze ongoin...