JOB DESCRIPTION

• Know the vulnerability management lifecycle, including identification, assessment, reporting, prioritization, and remediation.
• Lead the development, implementation, and continuous improvement of

vulnerability management processes and tools.

• Serve as the subject matter expert (SME) for vulnerability risk, patching standards, and remediation approaches.
• Oversee vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and ensure accurate coverage and tuning.
• Collaborate with SOC, red teams, and threat intelligence to correlate vulnerabilities with real-world threats and exploitability.
• Analyze scan results and contextual risk (e.g., CVSS score, asset criticality, threat intel) to prioritize remediation efforts.
• Track and report on KPIs/KRIs related to vulnerability exposure, patch compliance, and SLA adherence.
• Facilitate remediation meetings with asset owners and stakeholders.
• Collaborate with IT, infrastructure, application owners, and third parties to ensure timely remediation.
• Develop executive dashboards and technical reports for various stakeholders,

including senior management and auditors.

• Represent vulnerability management in audits, risk assessments, and incident postmortems.
• Ensure vulnerability management processes align with internal policies and

regulatory standards (e.g., ISO 27001, NIST).

JOB REQUIREMENTS

Requirements:

• Bachelor’s degree in Cybersecurity, Computer Science, or related field.
• 6+ years of experience in cybersecurity, with 3+ years in vulnerability management.
• Experience with enterprise vulnerability scanning platforms (Tenable, Qualys, etc.).
• Strong understanding of CVEs, CVSS, threat modeling, and security frameworks (NIST, CIS, MITRE ATT&CK).
• Demonstrated ability to lead cross-functional teams and drive remediation.

Education:

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

Please refer the Job description for details