We are seeking a proactive and detail-oriented professional to join our Vulnerability Management Program. The ideal candidate will play a crucial role in identifying, triaging, tracking, and remediating vulnerabilities within the organization. You will work closely with global, cross-functional teams to ensure timely vulnerability remediation, help secure critical systems, and ensure that security risks are effectively managed.
Key Responsibilities
- Lead and manage the Vulnerability Management Program, ensuring vulnerabilities are identified, documented, triaged, and appropriately remediated across the organization.
- Collaborate with internal stakeholders, including technical teams and senior management, to drive vulnerability remediation efforts, ensuring timely resolution or approved exceptions.
- Work with vulnerability scanning tools (such as Qualys, Nexus IQ, Fortify, Datamart, and Splunk) to assess, validate, and triage reported vulnerabilities.
- Provide clear advice and recommendations to stakeholders and technical teams regarding vulnerability criticality, impact, and necessary remediation actions, in alignment with information security standards.
- Develop remediation reports, status briefings, and scorecards to communicate organizational progress and risk mitigation to senior management.
- Ensure comprehensive vulnerability documentation, tracking, and reporting to facilitate ongoing vulnerability management efforts.
- Address vulnerabilities within containerized environments (e.g., Docker, Kubernetes) and cloud platforms (e.g., AWS, Azure), working to secure both infrastructure and applications.
- Contribute to ongoing security, risk, and compliance initiatives to strengthen the organization's cybersecurity posture.
- Monitor emerging security risks and threats, providing timely guidance and actions to mitigate those risks.
Required Skills & Qualifications
- Proven experience in IT, cybersecurity, risk analysis, or vulnerability management.
- Strong expertise in vulnerability management processes, tools, and best practices.
- Hands-on experience with enterprise vulnerability scanning tools such as Qualys, Nexus IQ, Fortify, Keylight, Datamart, and Splunk.
- Experience working with containerization platforms (Docker, Kubernetes) and cloud environments (AWS, Azure).
- Familiarity with industry security frameworks and standards such as PCI DSS, NIST, ISO 27001, OWASP Top 10, and Critical Security Controls.
- Solid understanding of vulnerability validation and triaging procedures.
- Ability to communicate complex security issues clearly to both technical and non-technical stakeholders.
- Strong organizational skills, with the ability to track and manage multiple remediation efforts simultaneously.
Desirable Qualifications
- Certifications in security, risk, or vulnerability management (e.g., CISSP, CISM, CompTIA Security+, etc.).
- Experience in a global, cross-functional work environment with a focus on security and compliance.
Why Join Us
This is an exciting opportunity to make a significant impact on the organization's cybersecurity efforts. You will have the chance to work with a diverse, talented team and shape the future of our security posture. If you're passionate about vulnerability management and cybersecurity, and you enjoy driving initiatives that protect critical systems, we'd love to hear from you.