Vulnerability Management - Information Security Engineer III

• Vulnerability Assessment: Conduct regular vulnerability assessments using tools like Rapid7 to identify potential security risks.
  
• Analysis and Reporting: Analyze vulnerability data and generate detailed reports for stakeholders, highlighting critical issues and recommended remediation steps.
  
• Remediation and Prioritization: Prioritize and remediate security vulnerabilities
  
• Incident Response: Collaborate with the Incident Response team to address and mitigate vulnerabilities that could be exploited during security incidents.
  
• Patch Management: Work with IT and development teams to ensure timely application of security patches and updates.
  
• Security Best Practices: Develop and enforce security best practices and guidelines to minimize vulnerabilities.
  
• Training and Awareness: Provide training and awareness sessions for staff on vulnerability management and security practices.
  
• Documentation: Maintain comprehensive documentation of vulnerability management processes, findings, and remediation efforts.
  
• Continuous Improvement: Stay updated with the latest security trends, vulnerabilities, and threat intelligence to continuously improve the vulnerability management program.

Qualifications:

• Bachelors degree in Computer Science, Information Security, or a related field.
  
• Minimum of 5 years of experience in vulnerability management or a related role.
  
• Proficiency in using vulnerability management tools, particularly Rapid7.
  
• Strong understanding of network protocols, operating systems, and security architectures.
  
• Experience with incident response and patch management processes.
  
• Excellent analytical and problem-solving skills.
  
• Strong communication skills, both written and verbal.
  
• Knowledge of relevant information security and incident response frameworks such as NIST Cyber Security Framework, MITRE ATT&CK Framework.
  
• Ability to deal with ambiguity and translate high level objectives into detailed tasks
  
• Ability to prioritize work with multiple, simultaneous work assignments.
  
• Ability and willingness to learn new tools and processes.