Vulnerability Management Engineer

Job Description: As a Vulnerability Management Security Engineer, you will play a crucial role in assisting the Security Operations team with the comprehensive execution and management of vulnerability identification, assessment, and remediation processes across the organization. Your responsibilities will include deploying and operating vulnerability assessment tools, refining scan results, providing technical assistance in coordinating with internal teams for remediation, and offering actionable insights to enhance the organization's security posture. It is essential for you to have a solid understanding of information security, risk assessment methodologies, and remediation best practices to effectively address vulnerabilities. You will collaborate closely with IT, development, and compliance teams to ensure that risks are managed within acceptable thresholds and regulatory requirements. Key Responsibilities: - Deploy and maintain vulnerability scanning tools to identify weaknesses across the organization's IT infrastructure, including servers, endpoints, networks, and applications. - Conduct scheduled and ad-hoc vulnerability scans, ensuring comprehensive coverage and accuracy of scanning results. - Assist in analyzing scan data to identify trends, patterns, and high-risk vulnerabilities, prioritizing issues based on potential impact and exploitability. - Work closely with IT and Security operations, application development, and other internal teams to track and support remediation efforts for identified vulnerabilities. - Develop and document remediation plans and timelines based on vulnerability criticality and business impact. - Prepare detailed vulnerability assessment reports, including metrics on scan results, remediation status, and risk mitigation progress. - Develop executive-level dashboards and summaries to provide a high-level overview of vulnerability management activities. - Identify opportunities to improve the efficiency and effectiveness of the vulnerability management toolset, including process automation. - Ensure vulnerability management activities align with industry standards, such as NIST, ISO 27001, and regulatory requirements like PCI-DSS and SOX. - Work with threat intelligence teams to contextualize vulnerabilities within the broader threat landscape. - Collaborate with other security teams to integrate vulnerability data with security incident response and threat intelligence workflows. Qualifications Required: - Technical Expertise in Vulnerability Management, with proficiency in tools like Qualys, Tenable, Rapid7, or similar platforms. - Experience in Network Engineering, including managing and troubleshooting layer 2 and layer 3 devices. - Proficiency in Scripting Languages, particularly Python, for automating tasks and enhancing system administration workflows. - Strong Analytical and Problem-Solving Skills to analyze scan data and devise efficient remediation plans. - Excellent Communication and Coordination Abilities to communicate vulnerability issues clearly to non-technical stakeholders and coordinate remediation efforts across diverse teams. - Industry certifications such as CISSP, CASP, or GIAC are a plus. - Relevant vendor-specific certifications are a plus.,