BDO Singapore
Cyber Security Consultant

Vulnerability Management, Identification and Assessment:

  • Maintain and enhance the vulnerability management framework, including procedures, guidelines, and metrics.
  • Oversee regular vulnerability scanning and assessment activities across networks, systems, applications (including web applications), and cloud environments using various tools.
  • Conduct manual testing and analysis to validate scanner findings and identify complex vulnerabilities.
  • Perform risk analysis to determine the potential impact and likelihood of exploitation for identified vulnerabilities, using scoring systems such as CVSS and the risk-prioritized scoring provided by the various tools.
  • Integrate threat intelligence to provide context and prioritize vulnerabilities based on real-world threats and organizational risk tolerance.


Remediation, Deviation and Mitigation:

  • Coordinate and manage the end-to-end vulnerability lifecycle, including detection, triage, risk assessment, remediation planning, and tracking.
  • Collaborate closely with infrastructure, application, development, and cloud teams to guide remediation efforts and ensure timely closure of critical vulnerabilities.
  • Facilitate patch management processes and ensure effective deployment of security updates.
  • Work with teams to recommend and implement compensating controls where immediate remediation is not feasible.
  • Monitor, maintain and coordinate exception handling and deviations in accordance with the vulnerability management framework and the Cybersecurity Governance Team.


Reporting and Communication:

  • Develop and maintain dashboards, metrics, and executive reports to communicate vulnerability status, risk exposure, and program effectiveness to senior leadership and stakeholders.
  • Provide clear, concise, and actionable recommendations for vulnerability remediation.
  • Serve as a subject matter expert for CVEs, CVSS scoring, and emerging threats.


Maintenance of Integrated Vulnerability Tooling:

  • Manage user and asset onboarding/offboarding within the vulnerability management platform.
  • Manage deployment and maintenance of scanning agents and virtual scanner appliances.
  • Maintain, update and/or troubleshoot virtual scanner appliances and user access issues.


Automation and Continuous Improvement:

  • Evaluate and implement automation tools and technologies to streamline and scale vulnerability management processes.
  • Lead continuous improvement initiatives for the vulnerability management program, including process optimization and tool enhancements.


Incident Response and Compliance:

  • Participate in security incident response activities, providing expertise on vulnerability exploitation and mitigation strategies.
  • Support internal and external audits and regulatory reviews related to vulnerability management.


Job Requirements:

  • Possess a recognized Degree with 4–5 years of experience coordinating and contributing to the management of a vulnerability management program, with increasing responsibilities in process oversight and team collaboration.
  • Hands-on experience with leading vulnerability scanning platforms (e.g., Tenable.io, Tenable.sc, Qualys VMDR, Rapid7 InsightVM, Nessus).
  • Familiarity with cloud security principles and vulnerability management in cloud environments (AWS, Azure, GCP).


Interested candidates, please forward your resume to: [email protected]


Only shortlisted candidates will be notified.


Post Date: 2025-07-02
Job Type: -
Employment type: Full-time
Category: Consulting
Level: Mid-Senior
Country: Singapore
Industry: IT Services, IT Consulting, Professional Services, Operations Consulting