Vunerability Management Engineer at Moniepoint Inc. (Formerly TeamApt Inc.)

Job Summary

We are seeking a proactive and detail-oriented Vulnerability Management Engineer to join our Information Security team. The Vulnerability Management Engineer will be responsible for identifying, analyzing, and managing vulnerabilities within our IT infrastructure and applications. The ideal candidate will have a strong technical background in vulnerability assessment, risk management, and remediation strategies.

Key Responsibilities:

Vulnerability Identification and Assessment:

• Conduct regular vulnerability scans and assessments on networks, systems, and applications.
• Analyze scan results to identify vulnerabilities and potential risks.
• Classify vulnerabilities based on severity and potential impact on the organization.

Remediation and Mitigation:

• Collaborate with IT and development teams to prioritize and remediate identified vulnerabilities.
• Develop and implement mitigation strategies to address vulnerabilities in a timely manner.
• Track and report on the status of remediation efforts to ensure timely resolution.

Risk Management:

• Perform risk assessments to evaluate the potential impact of vulnerabilities on the organization.
• Develop risk mitigation plans and work with stakeholders to implement them.
• Continuously monitor and reassess the risk landscape to adjust mitigation strategies as needed.

Security Tools and Technologies:

• Manage and maintain vulnerability management tools and platforms.
• Stay updated on the latest vulnerability management tools and technologies.
• Develop custom scripts and tools to enhance vulnerability management processes.

Compliance and Standards:

• Ensure vulnerability management practices comply with relevant regulations and standards such as PCI-DSS, ISO 27001, and NIST.
• Contribute to the development and maintenance of security policies and procedures.
•  Assist in audits and assessments related to vulnerability management.

Reporting and Documentation:

• Create detailed reports on vulnerability findings, remediation efforts, and overall security posture.
• Communicate vulnerability status and risks to technical and non-technical stakeholders.
• Maintain accurate and up-to-date documentation of vulnerability management activities.

Continuous Improvement:

• Stay current with the latest cybersecurity threats, vulnerabilities, and trends.
• Continuously evaluate and improve vulnerability management processes and practices.
• Participate in security-related training and development activities.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience may be considered.
• Minimum of 3 years of experience in vulnerability management, security engineering, or a related field.
• Proven experience with vulnerability scanning tools and platforms.
• Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.
• In-depth knowledge of vulnerability assessment and management methodologies.
• Proficiency with vulnerability scanning tools such as Nessus, Qualys, and Rapid7.
• Strong understanding of network and application security principles.
• Experience with scripting and programming languages such as Python, Ruby, or Bash.
• Excellent analytical and problem-solving skills.
• Strong communication and reporting skills.
• Ability to work independently and as part of a team.