Description

  • We are seeking a highly skilled and motivated Vulnerability Management Specialist with at least 5 years of hands-on experience in identifying, assessing, and mitigating security vulnerabilities across enterprise environments.
  • The ideal candidate will have a strong understanding of cybersecurity principles, vulnerability scanning tools, and risk management frameworks, with the ability to communicate technical issues to non-technical stakeholders.

Essential Job Functions:

  • Manage the end-to-end vulnerability management lifecycle: discovery, classification, prioritization, remediation tracking, and reporting.
  • Conduct regular vulnerability assessments using tools such as Qualys, Tenable, Nessus, or Rapid7.
  • Collaborate with system owners, infrastructure teams, and developers to address and remediate vulnerabilities.
  • Monitor threat intelligence feeds to identify and assess emerging vulnerabilities.
  • Develop and maintain metrics and reports on vulnerability status, trends, and remediation progress.
  • Ensure compliance with internal security policies and external regulatory standards (e.g., PCI-DSS, ISO 27001, HIPAA).
  • Coordinate periodic penetration testing and work with external vendors as needed.
  • Assist in maintaining and improving the organization's vulnerability management processes and tools.

Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
  • Minimum of 2-3 years of professional experience in vulnerability management, information security, or a related domain.
  • Strong knowledge of operating systems (Windows, Linux, Unix), network protocols, and application architectures.
  • Hands-on experience with vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7, Tenable.io).
  • Familiarity with patch management practices and tools.
  • Understanding of CVSS scoring, OWASP Top 10, and MITRE Telecommunication&CK framework.
  • Experience interpreting and responding to vulnerability alerts (e.g., CVEs, vendor advisories).

Preferred:

  • Security certifications such as CEH, OSCP, CompTIA Security+, or GIAC.
  • Experience with scripting languages (Python, PowerShell, Bash) for automation of vulnerability tasks.
  • Exposure to cloud environments (AWS, Azure, GCP) and related security controls.
  • Familiarity with SIEM and ticketing systems (e.g., Splunk, ServiceNow).

Soft Skills

  • Strong analytical and problem-solving skills.
  • Excellent written and verbal communication.
  • Ability to manage multiple priorities and work effectively in a fast-paced environment.
  • Collaborative mindset with a strong sense of accountability

Key Skills
Education

Bachelor's degree

Back To Jobs