Lead Security Operations Engineer

What will you be responsible for

• Execute comprehensive vulnerability scans across the organization's infrastructure
• Conduct vulnerability assessments against internal and external systems, networks, applications, and infrastructure components.
• Analyzes discovered vulnerabilities, assess their impact, and likelihood of exploitation to prioritize remediation efforts based on risk severity.
• Supports compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risk.
• Ensure that system vulnerabilities (new and backlogged) across the enterprise are dealt with in an efficient and timely manner.
• Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE)
• Collaborate with stakeholders to develop remediation strategies.
• Foster a culture of learning and development within the team by sharing expertise.

your work week look like

• Analyze and report and present the vulnerabilities to multiple stakeholders for remediation and prioritization and ensuring scan results are presented in appropriate dashboards & reports.
• Utilizes vulnerability scanning tools such as Rapid7 or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments.
• Perform reoccurring and on-demand scanning activities of both corporate and cloud environments utilizing enterprise platform.
• Maintain intelligence network to discover any reported exploits, zero-day vulnerabilities and its applicability to Organization.
• Collaborate with the other security teams to contain and investigate major incidents.

Who are we looking for

• Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience
• 8 plus years of directly related experience as a Vulnerability Management SME or similar role.
• Demonstrated understanding of vulnerability management and security testing practices and methodologies.
• Proven understanding of common vulnerability frameworks (e.g., CVSS, OWASP Top 10)
• Experience with vulnerability scanners, vulnerability management systems, patch management, and host-based security systems (

  Rapid7

  preferred)
• Scripting or programming (Shell scripting, Power Shell, Python etc.)
• Excellent communication, collaboration, and interpersonal skills.
• Ability to work independently and take ownership of projects.
• Additional certifications, such as CISSP, GEVA are a plus.