Activez les alertes d’offres d’emploi par e-mail !

Cybersecurity Vulnerability Management Specialist

BlackFluoAI

Paris

Sur place

EUR 60 000 - 80 000

Plein temps

Il y a 30+ jours

Résumé du poste

A cybersecurity firm in Paris seeks a Cybersecurity Vulnerability Management Specialist to identify and remediate security vulnerabilities across their infrastructure. The ideal candidate has over 6 years of experience, expertise in tools like InsightVM and Nessus, and a solid understanding of risk assessment methodologies. Responsibilities include conducting vulnerability assessments, collaborating with IT teams on patch management, and generating compliance reports. This role offers a dynamic work environment committed to maintaining organizational security.

Qualifications

  • 6+ years experience in vulnerability management and cybersecurity operations.
  • Expert proficiency with vulnerability scanning tools.
  • Strong knowledge of OWASP Top 10 and the CVE database.

Responsabilités

  • Conduct comprehensive vulnerability assessments using automated tools.
  • Perform manual security testing and penetration testing.
  • Analyze vulnerability scan results and prioritize remediation.

Connaissances

Vulnerability management
Cybersecurity operations
Risk assessment methodologies
Automation scripting (Python, PowerShell)
Knowledge of vulnerabilities (OWASP Top 10)

Formation

Bachelor's degree in Cybersecurity, IT, or related field

Outils

InsightVM
Nessus
Qualys
OpenVAS
Description du poste

About the job Cybersecurity Vulnerability Management Specialist

Cybersecurity Vulnerability Management Specialist

Position Overview

We are seeking a Cybersecurity Vulnerability Management Specialist to identify, assess, prioritize, and remediate security vulnerabilities across our enterprise infrastructure and applications, utilizing advanced scanning tools and implementing comprehensive vulnerability management programs to maintain organizational security posture.

Key Responsibilities

Vulnerability Assessment & Management

  • Conduct comprehensive vulnerability assessments using automated scanning tools including InsightVM, Nessus, and Qualys
  • Perform manual security testing and penetration testing to identify complex vulnerabilities
  • Analyze vulnerability scan results, false positives, and prioritize remediation based on risk scoring
  • Track vulnerability lifecycle from discovery through remediation and verification
  • Maintain vulnerability databases and generate executive-level security metrics and dashboards

Risk Analysis & Prioritization

  • Evaluate vulnerability severity using CVSS scoring and business impact assessments
  • Correlate vulnerability data with threat intelligence to identify active exploitation risks
  • Conduct risk assessments considering asset criticality, environmental factors, and exposure levels
  • Develop vulnerability treatment strategies including remediation, mitigation, and acceptance decisions
  • Create risk-based remediation roadmaps and timeline recommendations

    • Remediation & Patch Management

  • Collaborate with IT teams to develop and implement remediation strategies and patch deployment schedules
  • Coordinate emergency patching for critical vulnerabilities and zero-day exploits
  • Validate remediation effectiveness through re-scanning and verification procedures
  • Manage patch testing procedures and rollback plans for critical systems
  • Implement compensating controls and temporary mitigations for systems that cannot be immediately patched

    • Reporting & Compliance

  • Generate comprehensive vulnerability reports for technical teams, management, and audit purposes
  • Create security metrics and KPIs to measure vulnerability management program effectiveness
  • Support compliance audits and regulatory requirements (SOX, PCI-DSS, HIPAA, ISO 27001)
  • Maintain vulnerability management documentation and standard operating procedures
  • Present security posture updates to executive leadership and risk committees

    • Required Qualifications

    Technical Skills

  • 6+ years experience in vulnerability management and cybersecurity operations
  • Expert proficiency with vulnerability scanning tools (InsightVM, Nessus, Qualys, OpenVAS)
  • Strong knowledge of common vulnerabilities (OWASP Top 10, CVE database, CWE framework)
  • Experience with patch management systems and automated remediation tools
  • Understanding of network security, web application security, and infrastructure hardening
  • Proficiency in scripting languages (Python, PowerShell) for automation and data analysis

    • Security Skills

  • Strong understanding of risk assessment methodologies and vulnerability prioritization frameworks
  • Experience with penetration testing tools and manual security assessment techniques
  • Knowledge of security frameworks (NIST, ISO 27001, CIS Controls) and compliance requirements
  • Understanding of threat intelligence integration and attack vector analysis

    • Preferred Qualifications

  • Bachelor's degree in Cybersecurity, Information Technology, or related field
  • Security certifications (CISSP, CISM, CEH, GCIH, GIAC)
  • Experience with cloud security assessments (AWS, Azure, GCP)
  • Background in DevSecOps and secure software development lifecycle integration
  • Knowledge of security orchestration and automated response (SOAR) platforms
    • Obtenez votre examen gratuit et confidentiel de votre CV.
    ou faites glisser et déposez un fichier PDF, DOC, DOCX, ODT ou PAGES jusqu’à 5 Mo.
    TrustpilotImage showing a rating of 4.5 out of 5 stars on Trustpilot for JobLeads, indicating a high level of customer satisfaction.
    Noté « Excellent » sur la base de 18 710 évaluations