Vulnerability Manager

As an operational risk officer at the company, your role involves supporting the Security Operations Center (SOC) team in their daily activities and administering Operational Security Processes. You will be responsible for identifying improvements in current processes and documenting them clearly. Your key responsibilities include: - Managing the vulnerability scan process using Qualys Tools - Understanding, reviewing, and interpreting assessment and scanning results - Reducing false positive findings and acting as a trusted security advisor to clients - Identifying and prioritizing vulnerabilities in client environments - Providing timely vulnerability assessment reports to key stakeholders - Developing and reporting enterprise-level metrics for vulnerabilities and remediation progress - Handling user requests administration such as managing users" requests on the platforms, adding Hosts, Assets Groups, creating scans, reports, or Dashboards - Managing Vulnerability Scans for GTS infrastructure and the Change Management process - Presenting Vulnerability Assessment Scanning and guidance, False Positive Validation, Compliance Scanning, and creating scan profiles and policies - Analyzing vulnerabilities based on group standards and managing alerting on critical vulnerabilities found by scans In addition, you should have: - Ability to identify false positives - Knowledge of vulnerability management frameworks and concepts such as CVE and CVSS scoring systems - Experience with attacking vectors - Generating monthly and quarterly reports and dashboards - Understanding of Qualys tags - Managing Internal Qualys infrastructure including surveying the status of Qualys appliances and managing the RMA process - Implementing automated, proactive security measures - Hands-on experience with Qualys modules like Vulnerability Management, Policy Compliance, Web Application Scanning, Cloud Agent, Asset View, Container Security, VMDR Your profile should include: - End-to-end understanding of Vulnerability management including scanning, remediation follow-up, and false positive verification - Conducting Network and System Vulnerability assessments and documenting corrective/remediation actions - Driving the end-to-end vulnerability lifecycle from discovery to closure - Identifying internal and external threats to customers" information assets - Ensuring timely follow-up with patch management and vulnerability remediation in coordination with Countermeasures personnel This job requires a proactive individual with a strong understanding of vulnerability management processes and tools, as well as the ability to communicate effectively with stakeholders and collaborate with cross-functional teams.,