About the role

The Sr. Specialist, Security Engineer (Vulnerability Management Engineer) protects the organization's information assets and technology infrastructure by implementing security controls, monitoring for threats, and responding to incidents. This role ensures compliance with relevant security policies and regulatory requirements while safeguarding the confidentiality, integrity, and availability of data, supporting the company’s ability to operate securely and meet its business objectives.

More specifically, you will:

• Monitor Security Systems: Continuously monitor security systems and logs to detect and respond to security incidents promptly and effectively.
• Manage Vulnerabilities: Identify, assess, and remediate vulnerabilities in systems and applications through regular testing and patching, conducts vulnerability scans, maintains tools, generates metrics, and consults on remediation, maintain assets and perform remediation, Own the process, application, or IT asset and are accountable for remediation, Management of the vulnerability lifecycle, including scanning, remediation, and patching governance
• Implement and Maintain Security Tools: Deploy and manage security tools, such as Service Now VR, Qualys, MS defender, Intune, SCCM.
• Metrics: Come up with smart metrics to analyze the Vulnerabilities trend in the company environment. Strong hold on Qualys queries focused on defining vulnerability management metrics, including tracking outstanding, new, and fixed vulnerabilities, asset inventory breakdowns (end-of-life vs. non-end-of-life), and team-wise vulnerability metrics.
• Develop Policy and Procedures: Create, update and enforce security policies, standards, and procedures to ensure consistent security practices across the organization.

About You​

Knowledge

• Cybersecurity frameworks and standards (e.g., NIST, ISO 27001)
• Network security principles and protocols
• Security tools and technologies (e.g., Qualys, Service Now VR, SCCM, MS Intune, Patching tools)

Skills

• Incident response and handling
• Vulnerability assessment and penetration testing
• Analytical and problem-solving skills
• Excellent written and verbal communication
• Interpersonal skills
• Technical proficiency in security tools and systems

Mindsets

• Proactive
• Detail-oriented
• Adaptable and resilient
• Collaborative
• Continuous learning and improvement

Education/Certification

• Bachelor's degree in Computer Science, Information Security, or a related field (required)
• Security certifications such as CompTIA Security+, CEH, or equivalent (required)
• Master's degree in Information Security, Cybersecurity, or related field (preferred)
• Advanced certifications such as CISSP, CISM, or OSCP (preferred)

Work Experience

• 3+ years of experience in IT security or a related role (required)
• 5+ years of experience in IT security (preferred)
• Experience with enterprise security tools and frameworks (preferred)
• Proven track record in policy development and risk mitigation (preferred)