Job Requirement: Vulnerability Management Specialist
Job Summary
We are seeking a highly skilled and motivated Vulnerability Management Specialist with at least 5 years of hands-on experience in identifying, assessing, and mitigating security vulnerabilities across enterprise environments. The ideal candidate will have a strong understanding of cybersecurity principles, vulnerability scanning tools, and risk management frameworks, with the ability to communicate technical issues to non-technical stakeholders.
Key Responsibilities
Manage the end-to-end vulnerability management lifecycle: discovery, classification, prioritization, remediation tracking, and reporting.
Conduct regular vulnerability assessments using tools such as Qualys, Tenable, Nessus, or Rapid7.
Collaborate with system owners, infrastructure teams, and developers to address and remediate vulnerabilities.
Monitor threat intelligence feeds to identify and assess emerging vulnerabilities.
Develop and maintain metrics and reports on vulnerability status, trends, and remediation progress.
Ensure compliance with internal security policies and external regulatory standards (e.g., PCI-DSS, ISO 27001, HIPAA).
Coordinate periodic penetration testing and work with external vendors as needed.
Assist in maintaining and improving the organization's vulnerability management processes and tools.
Required Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
Minimum of 2-3 years of professional experience in vulnerability management, information security, or a related domain.
Strong knowledge of operating systems (Windows, Linux, Unix), network protocols, and application architectures.
Hands-on experience with vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7, Tenable.io).
Familiarity with patch management practices and tools.
Understanding of CVSS scoring, OWASP Top 10, and MITRE ATT&CK framework.
Experience interpreting and responding to vulnerability alerts (e.g., CVEs, vendor advisories).
Preferred Qualifications
Security certifications such as CEH, OSCP, CompTIA Security+, or GIAC.
Experience with scripting languages (Python, PowerShell, Bash) for automation of vulnerability tasks.
Exposure to cloud environments (AWS, Azure, GCP) and related security controls.
Familiarity with SIEM and ticketing systems (e.g., Splunk, ServiceNow).
Soft Skills
Strong analytical and problem-solving skills.
Excellent written and verbal communication.
Ability to manage multiple priorities and work effectively in a fast-paced environment.
Collaborative mindset with a strong sense of accountability.
...Program Overview About The Role Cyber Protection, Assessment and Authorization,... ...control implementation of all applicable security controls as identified via information system... ...fundamentals SCA / Union / Intern Rate or Range Details Target Salary...
What Makes a Honda, is Who makes a HondaHonda has a clear vision for the future, and it's a joyful one. We are looking for individuals with the skills, courage, persistence, and dreams that will help us reach our future-focused goals. At our core is innovation. Honda is...
...Our Day Care Center located at Water's Place in the Bronx is currently seeking a part time Registered Nurse to join ourteam! Work hours will be75 hours per month. Schedules are Monday, Thursday , 9:00 am to 2:00 pm; Wed: 12:00 noon to 6:00 pm and 2 Saturdays per month...
SGK is a global brand experience company. From idea to implementation, we deliver packaging solutions and brand experiences that give brands the freedom to speak louder, scale faster and grow stronger. We simplify marketing and amplify brands to deliver value. SGK is...
...step in your career, we want to hear from you. Join Sun Auto Tire & Service and become a valued member of our team. Apply now!! The Automotive Technician is responsible for effectively and efficiently diagnosing and repairing customer vehicles while adhering to the MAP...