GAC Solutions Inc.

Vulnerability Remediation and Management Professional

GAC Solutions Inc., Richmond, Virginia, United States, 23214

Job Summary

The Vulnerability Remediation and Management Professional is responsible for identifying, assessing, prioritizing, and remediating security vulnerabilities across enterprise systems. This role ensures timely patching, configuration updates, and coordination with application and infrastructure teams to maintain a secure and compliant IT environment.

Key Responsibilities

Vulnerability Assessment & Analysis

Conduct daily assessments of vulnerabilities identified through infrastructure scans.

Evaluate, rate, and perform risk assessments on applications and systems.

Prioritize vulnerabilities based on severity and business impact.

Provide detailed analysis and remediation guidance to stakeholders.

Remediation Execution

Coordinate and execute remediation activities including patching, configuration updates, and software upgrades.

Collaborate with DEV, QA, and PROD teams to ensure seamless deployment.

Track and validate remediation efforts using tools like SCCM, ServiceNow, and Qualys.

Communication & Reporting

Notify application and system owners of identified vulnerabilities.

Generate and present vulnerability reports to management and security teams.

Maintain dashboards and matrices to track remediation progress and risks.

Governance & Compliance

Ensure alignment with CMDB, POAMs, and DVRs for traceability.

Support audit and compliance initiatives by maintaining accurate documentation.

Participate in governance forums and change management processes.

Required Skills & Experience

7-10 years of relevant experience in vulnerability management and remediation.

Strong understanding of Windows and Linux patching mechanisms.

Experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7).

Familiarity with ITSM tools like ServiceNow and SCCM.

Excellent analytical, documentation, and communication skills.

Ability to manage global teams across onshore/offshore models.

Certifications such as CISSP, CEH, or CompTIA Security are preferred.

Preferred Attributes

Detail-oriented and methodical with strong follow-up capabilities.

Ability to learn new technologies and adapt to evolving threat landscapes.

Experience in managing large-scale OS upgrades and infrastructure modernization.

Knowledge of security frameworks (e.g., NIST, ISO 27001).
