Technical Consultant-Security Intel & Operations Consulting Svcs

Introduction

Your Role And Responsibilities

• Vulnerability Identification & Assessment:
• Manage and oversee vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.).
• Analyze vulnerability data from multiple sources and assess the impact on business operations.
• Perform risk assessments and categorize vulnerabilities based on severity and exploitability.
• Remediation & Risk Mitigation: Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities.
• Prioritize vulnerabilities based on risk to the business and potential exploitability.
• Track remediation efforts and ensure proper closure of security gaps.
• Process & Policy Development: Define and maintain vulnerability management policies, standards, and procedures.
• Establish workflows for vulnerability detection, reporting, remediation, and validation.
• Ensure compliance with security frameworks such as NIST, CIS, ISO 27001, and regulatory standards like GDPR, HIPAA, and PCI-DSS.
• Security Monitoring & Threat Intelligence Integration:Work with threat intelligence teams to understand emerging threats and vulnerabilities.
• Ensure vulnerability management aligns with incident response and threat-hunting processes.
• Continuously enhance detection mechanisms to improve vulnerability discovery and response.
• Compliance & Audit Readiness:Ensure that vulnerability management practices align with regulatory and compliance requirements.
• Maintain records of assessments, remediation efforts, and compliance reports for audits.
• Support internal and external audits related to vulnerability management.
• Reporting & Metrics:
• Develop and present vulnerability status reports to security leadership and executive teams.
• Track key performance indicators (KPIs) related to vulnerability remediation SLAs and risk reduction
• Provide insights on security posture improvements based on trend analysis.
• Security Awareness & Collaboration: Conduct training sessions to educate teams on vulnerability risks and remediation best practices.
• Work closely with DevSecOps, SOC, and infrastructure teams to integrate security best practices into the development lifecycle
  

Preferred Education

Required Technical And Professional Expertise

• Vulnerability Management
  

Preferred Technical And Professional Experience

• Qualys