Sr. Specialist

Re:Sources is the backbone of Publicis Groupe, the world’s third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 4,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients.   

In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications and tools to enhance productivity, encourage collaboration and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients.

The company is a premier shared services company serving the financial, technological and administrative needs of U.S.-based business units of the the world’s fourth largest Communications company.  With 2020 revenues of nearly 9 billion Euros, the parent company specializes in Advertising, Digital, Media buying and consultancy.  The parent company is present in over 100+ countries on 5 continents, with 80,000 employees.

The company was the first and remains the largest shared services operation in the communications industry in the United States.  Founded in 1997 and headquartered in New York City, it provides highly effective support services in the areas of finance, administration, transaction processing and Information Technology.  

Core responsibility and duties:

The Sr Specialist, Vulnerability Management is part of a global team which enables the business to manage, report, and reduce its cyber security risk. This individual will provide technical expertise and subject matter expert guidance to drive and execute team initiatives and projects. They will also interact with business, client team, and executive-level staff internal and external to the Re:Sources organization. This position is in Re:Sources’ Global Security Office (GSO), reporting to the Director of Cybersecurity Vulnerability Management.

Highlight day-to-day activities of the position:

• Be a technical lead and subject matter expert with respect to the vulnerability management program, initiatives, and vendor tools
• Develop, recommend, and execute vulnerability management controls, programs, and standards with greater organizational impact
• Develop, recommend, and execute process improvements for day-to-day operations
• Deliver large, highly complex projects, often involving operating constraints and the coordination of activities of other business units
• Ensure compliance with society, regulatory, and industry standards for vulnerability and risk management
• Conduct and distribute vulnerability assessments and reports
• Work closely with business stakeholders to ensure risk is remediated appropriately and in a timely manner
• Manage escalations and exception requests
• Provide executive reporting using key metrics regarding the health of the program and the compliance of the platforms.
• This position will be hybrid, in office and work from home.

• Minimum of four (4) years of professional (relevant) experience in: Information Security, Cyber Security, Information Technology infrastructure, application development or security, support & operations, and/or systems administration;
• Bachelor’s Degree in computer science, technology, security, or related field required.
• Master’s Degree preferred
• CISSP (Certified Information Systems Security Professional) preferred
• Demonstrable skills using industry-leading tools such as Rapid7 insightVM/NeXpose, AlertLogic, CoalFireONE, and Brinqa.
• Possess knowledge of both on-premises and cloud environments
• In-depth understanding and working knowledge of information security data and processes
• Knowledge of operating systems (Windows and Linux), network protocols, and security stacks to enable the understanding of overall vulnerability risk and impact when considering the environment, configuration, and compensating controls
•  Knowledge of information security and risk control frameworks, business continuity, and IT disaster recovery frameworks
• Ability to work independently, manage projects, and exercise judgement in reaching solutions
• Ability to work and coordinate with multi-team environment including program managers, business analysts, IT analysts and other security professionals
• Ability to discuss complex technical details with extended support staff and translate into non-technical communication
• Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals
• Knowledgeable of technological trends and developments in the area of information security and risk management
• Creative, organized, responsive, and highly thorough problem solver
• Excellent oral/written presentation skills with ability to communicate effectively with senior executive leadership; proficiency in preparation of presentations, analytical reports, and documents regarding program operational status, achievement and performance

All your information will be kept confidential according to EEO guidelines.

This job description in no way states or implies that these are the only duties to be performed by the employee(s) currently in this position. Employee(s) will be required to follow any other job related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments.

A review of this position has excluded the marginal functions of the position that are incidental to the performance of fundamental job duties. All duties and responsibilities are essential job functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent(s) will possess the skills, aptitudes, and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities.

This document does not create an employment contract, implied or otherwise, other than an "at-will" relations.