Cloud Vulnerability Management Consultant

Job Description

Role Summary: We are seeking a skilled and experienced Cloud Vulnerability Management Operator to join our dynamic Security Operations team. In this role, you will be responsible for identifying, assessing, and mitigating vulnerabilities across our multi-cloud environments, leveraging native cloud tools and services to enhance the security posture of our infrastructure. Required Qualifications: 5–10+ years of experience in Cloud Security and Vulnerability Management . Proficiency in vulnerability identification, configuration, and remediation across AWS , Azure , and GCP . Expertise in using native cloud tools such as AWS Inspector , GCP SCCP , Azure Defender , and related CLI tools. Hands-on experience with Linux and/or Windows System Administration . Strong knowledge of vulnerability scoring methodologies , OWASP Top 10 , and Cloud Posture Management tools. Familiarity with application security frameworks and the threat intelligence lifecycle . Excellent communication, critical thinking, and problem-solving skills. Strong organizational skills and the ability to manage multiple priorities in a fast-paced environment. Preferred Qualifications: Certification in AWS , GCP , or Azure (e.g., AWS Certified Security – Specialty, Google Cloud Security Engineer). Experience with Power BI or similar tools for metrics curation and reporting. Demonstrated ability to lead teams or initiatives without direct managerial responsibility. Key Responsibilities: Operate under the guidance of the Threat and Vulnerability Operations Manager (TVM) and senior security team members. Collaborate with support teams, management, and cross-functional working groups to ensure cohesive security operations. Mentor junior team members and provide technical guidance as needed. Lead initiatives to reduce security risks in the multi-cloud infrastructure (AWS, Azure, GCP). Configure and maintain Cloud Security Posture Management (CSPM) tools and ensure adherence to secure infrastructure best practices. Implement native cloud services for vulnerability detection and remediation (e.g., AWS Inspector, GCP SCCP, Azure Defender). Perform regular vulnerability scans on instances, images, containers, and virtual machines. Maintain the Infrastructure Bill of Materials (IBOM) and monitor the security status of all components. Integrate cloud security best practices into CI/CD pipelines and development lifecycles. Ensure cloud infrastructure compliance with CIS Benchmarks and other industry standards. Track and manage remediation activities through ticketing systems across the multi-cloud environment. Document deviations from standard security baselines and communicate findings to stakeholders. Prepare and present metrics reports, including triage and response times, to leadership and key stakeholders. Show more Show less