Vulnerability and Patch Management Specialist

We are seeking a Vulnerability Management Analyst with experience in enterprise vulnerability assessment and management. This role will utilize expertise with information security to discover, analyze, and characterize risks to Our Clients network, applications, databases, and other components of Our Clients information system. The ideal applicant should be passionate about security, stay up-to-date on the latest technology and industry best practices, and work well in a collaborative team environment.

Typical Duties and Responsibilities:

• Oversee the coordination of security incident response
• Perform recurring and on-demand scanning of organization systems and cloud environments
• Resolve information security incidents, including targeted threats and internal incidents
• Maintain documentation regarding threat management, including policies and procedures
• Assist technology teams to develop, implement, and automate security solutions
• Improve and automate existing vulnerability management systems
• Monitor intrusion detection systems to identify potential threats
• Research and assess emerging security threats and vulnerabilities
• Provide technical support for vulnerability management projects
• Communicate the risks of identified vulnerabilities and recommend security controls to mitigate them

Required Skills and Experience:

• 3+ years of experience in vulnerability management or compliance monitoring
• Proven experience in vulnerability management, cloud security, and Continuous Threat Exposure Management (CTEM).
• Good knowledge of cloud security platforms (e.g., Azure, AWS, Google Cloud), vulnerability scanning tools (e.g., Qualys, Tenable, Nessus) & an understanding of OWASP standards and application security best practices.
• Experience in a cybersecurity environment
• Experience in vulnerability scanning, penetration testing, network admission control, and/or SIEM
• Experience in design and implementation of security technologies
• Experience with IT controls monitoring for regulatory and compliance requirements
• Experience with visualization tools
• In-depth knowledge of information security best practices
• Knowledge of technical concepts such as cloud computing, automation, networking, and application development
• Knowledge of vulnerability data management and reporting process automation
• Knowledge of OWASP tools and methodologies
• Knowledge of scripting languages such as Perl or Python

Preferred Qualifications:

• Bachelors degree in computer science, information security, or a related field.
• Professional certification such as CEH, Security+, CVA, Qualys, Tenable, AZ-500