Job Description
Key Responsibilities
* Lead the identification, assessment, and remediation of vulnerabilities across all operating systems (Windows, Linux, macOS) and platforms (on-premise and cloud).
* Analyze vulnerability scan results from tools such as Qualys, Nessus, and cloud-native tools.
* Collaborate with system, application, and infrastructure teams to prioritize and remediate vulnerabilities across on-premise and cloud environments.
* Prioritize vulnerabilities based on risk, asset criticality, and threat intelligence, ensuring timely resolution.
* Perform or coordinate OS and application patching using tools such as SCCM, Ansible, Tanium, or Satellite.
* Contribute to remediation playbooks, SOPs, and security incident response plans.
* Manage and support secure configurations, patching, and vulnerability remediation across AWS and Azure environments.
* Remediate security misconfigurations or threats in AWS, Azure, and/or GCP using cloud-native security tools (e.g., AWS Inspector, Azure Security Center).
* Collaborate with IT, DevOps, and application teams to track and verify remediation efforts.
* Maintain and enhance tools and processes for vulnerability tracking, reporting, and dashboard metrics.
* Develop and deliver regular status updates, risk reports, and executive summaries to stakeholders.
* Create automation scripts (PowerShell, Bash, Python) to assist in large-scale remediation efforts.
* Support integration of remediation workflows into CI/CD pipelines.
* Serve as the primary point of contact for security remediation coordination, driving accountability across teams.
* Continuously improve the vulnerability management program through automation, documentation, and adoption of best practices.
* Stay updated on emerging vulnerabilities, CVEs, and remediation techniques.
Technical Skills:
* Strong knowledge of vulnerability management tools (e.g., AWS Inspector, Azure Security Center, Qualys, or similar).
* Solid understanding of operating systems (Windows, Linux).
* Hands-on experience with AWS and Azure cloud security practices.
* Familiarity with patch management, endpoint protection, and configuration management tools.
In-Depth Knowledge Of:
* Windows Server, Linux distributions (Ubuntu, RHEL/CentOS)
* Network and endpoint security principles
* Patch management and vulnerability lifecycle
* Vulnerability scanning and management tools (e.g., Tenable, Qualys, Rapid7)
* Scripting and automation (PowerShell, Bash, Python)
* Ticketing and ITSM tools (e.g., Jira, ServiceNow, Remedy)
* Security compliance standards (e.g., NIST, PCI-DSS, ISO 27001, CIS Benchmarks)