CyberOne Security

Vulnerability Management Consultant

CyberOne Security

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

AssemblyCloudCyber SecurityERPPerlPython

About the role

  • Implementing and operating vulnerability management tools and processes to identify risks, track system and application status, and communicate findings to stakeholders
  • Perform in-depth analysis of vulnerabilities by correlating data from various sources
  • Proactively research and monitor security-related information sources for vulnerability discovery
  • Assess impact of vulnerabilities on critical systems or data and advise on remediation
  • Maintain patch and vulnerability management practices to protect against exploitation
  • Manage tracking and remediation of vulnerabilities, obtaining action plans from stakeholders and using ticketing systems
  • Research current vulnerabilities and exploits using trusted resources
  • Document remediation tasks for application and system owners
  • Report findings and remediation recommendations to stakeholders (executive reports, trends reports)
  • Assist system engineering team in configuring and deploying vulnerability scanning and network assessment tools
  • Support Incident Detection and Response team in daily operations
  • Conduct scans to identify vulnerabilities and ensure security standards compliance
  • Coordinate with teams to perform regular patching and scanning
  • Coordinate with external researchers and organizations during the disclosure process for responsible reporting and resolution
  • Develop reporting metrics, dashboards, and evidence artifacts to address VM program requirements
  • Communicate cybersecurity topics and risk to management and business stakeholders
  • Collaborate across teams to apply security standards and improve organizational security posture

Requirements

  • 5+ years of relevant consulting or industry experience, preferably in a professional services environment (Big 4 a plus)
  • Extensive experience in vulnerability management, patch management, and configuration management best practices
  • Knowledge of researching vulnerabilities, exploitation techniques, and industry trends/threats
  • Familiarity with Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS)
  • Experience with vulnerability and compliance scanning tools such as Qualys, Rapid7, or Tenable Nessus
  • Ability to interpret security advisories and understand vulnerability exploitation and impact
  • Detailed knowledge of Vulnerability Management processes, tools, metrics, and reporting
  • Experience in security monitoring, data correlation, troubleshooting, security operations, digital forensics, and incident response
  • Comprehensive experience with ERP Vulnerability Management and associated tools and processes
  • Understanding of the MITRE ATT&CK Framework and ability to identify TTPs
  • Experience in Attack Surface Management (ASM) tools and implementation
  • Experience performing basic scripting tasks (BASH, PowerShell, Python, Perl, or other native scripting languages) a plus
  • Ability to self-direct project outcomes and achieve program goals with minimal supervision
  • Problem-solving and troubleshooting skills for resolving communication and system issues
  • Experience implementing scanning architectures
  • Familiarity with data analysis and visualization technologies
  • Experience managing and tracking vulnerability cases
  • Excellent written and oral communication skills
  • Exceptional customer service orientation and ability to engage persuasively with clients
  • Strong organizational, job administration, and time management skills
  • Bachelor’s degree in relevant discipline preferred (e.g., MIS, CIS)
  • Prior project management and supervisory experience preferred