Jobs in United States
Vulnerability Management Engineer
FANATICS INC
Engineer, Senior - Security Systems
Qualcomm Technologies, Inc
Remote Assistant Manager, Collections & Strategy
Motive
Lab Applications Support Engineer: Digital Lab Ops
Thermo Fisher Scientific, Inc
Senior Storage Engineer — Go, NFS, Scalable File Systems
DigitalOcean LLC
Discover more opportunities than anywhere else. Find more jobs nowChief Information Security & OT Resilience Lead
HRSI
Marketing & Digitization Lead, Fuel Cards & Loyalty
HRSI
Business Development & Automation Lead
HRSI
Connect with headhunters to apply for similar jobsManufacturing IT Systems Support Engineer (GxP)
Thermo Fisher Scientific, Inc
Junior Procurement & Services Manager - Growth & Compliance
HRSI
Candidate Experience & Onboarding Specialist
S&P Global
Retail Operations Lead - Multi-Store Growth & Compliance
Healthwire
US Market Account Executive - Remote & High Growth
Huzzle
Embedded Bluetooth Firmware Engineer
Qualcomm Technologies, Inc
Strategic Billing & Invoicing Specialist
Prime System Solutions
Bulgarian Interpreter for Healthcare & Legal Services
Translation Empire
Senior Amazon PPC Strategist - Drive Growth & ROAS
X UP Brands
Remote Real Estate SDR: Prospect, Qualify & Grow
CrewBloom
Head of Solution Consulting: Drive B2B Tech Wins
PMCL-JAZZ
Hungarian Interpreter & Translator - Onsite Public Services
Translation Empire
Remote Mechanical Engineer: NYC Code-Compliant Design
Remote VA
Remote BDR: Fast-Paced Growth & Impact
CrewBloom
Onsite IT Administrator – Night Shift | Lahore
Prime System Solutions
Vulnerability Management Engineer
Job summary
A leading technology firm in Pakistan is seeking a Vulnerability Management Specialist to oversee vulnerability programs, conduct IT asset assessments, and collaborate on security policies. The ideal candidate will have over 2 years of experience in cybersecurity, strong analytical skills, and knowledge of vulnerability scanning tools like Tenable and Qualys. This role ensures the integrity of IT assets and supports incident response efforts.
Qualifications
- 2+ years in vulnerability management, cybersecurity or related experience.
- Familiarity with network protocols, operating systems, and cloud platforms (AWS, Azure, GCP).
- Understanding of frameworks like NIST, OWASP.
Responsibilities
- Manage vulnerability programs for IT assets and containers.
- Conduct regular scans and analyze vulnerabilities.
- Collaborate with IT and development teams for remediation.
Skills
Education
Tools
Manage vulnerability programs for IT assets, containers (e.g., Docker, Kubernetes), and base golden images across operating systems (Windows, Linux, Unix).
Conduct regular scans using industry-standard tools.
Analyze and prioritize vulnerabilities based on risk, exploitability, and asset criticality.
Track and report remediation progress.
Collaborate with IT, DevOps, and development teams for timely remediation.
Develop policies and remediation plans, including golden image review processes.
Support incident response for vulnerability exploits.
Assess risks and recommend mitigation strategies.
Create executive dashboards on vulnerability and golden image security status.
Communicate findings to technical teams and leadership.
Maintain accurate vulnerability, asset, and golden image inventories.
Stay updated on emerging threats, vulnerabilities, and golden image security best practices.
Recommend tools for vulnerability, container, and golden image security management.
Support penetration testing, audits, and security training.
2+ years in vulnerability management, cybersecurity or related experience.
Deep, hands‑on expertise with leading vulnerability scanning platforms (Tenable, Qualys, etc.).
Assessment of golden image reviews for Windows, Linux, Unix, and Containers.
Familiarity with network protocols, operating systems, and cloud platforms (AWS, Azure, GCP).
Experience with patch and configuration management tools (e.g., Tanium, Intune, SSM, JAMF).
Expert understanding of the vulnerability lifecycle, risk assessment, and advanced prioritization techniques (CVSS, EPSS, CWE, CISA KEV).
Understanding of frameworks like NIST, OWASP.
Familiarity with compliance standards (e.g., PCI DSS, SOX).
Knowledge of threat modeling and penetration testing; familiar with scripting languages.
Strong critical thinking and analytical skills.
Ability to approach problem solving in a constructive and collaborative way that does not require absolute security.
- The ability to communicate complicated technical issues and risks to programmers, network engineers and managers.
- Strong project and team‑building skills.
- Exceptional communication skills with diverse audiences; the ability to be an application security subject‑matter expert who can explain relevant topics to general audiences.
Bachelor’s degree in computer science, Information Systems, or equivalent combination of education and experience.
Certifications in the field of Information Security (at least one of the following: CEH, GIAC CPEN, OSCP, OSWE, CWAPT, GWAPT, GWEB).
A minimum of 2 years of experience.
* The salary benchmark is based on the target salaries of market leaders in their relevant sectors. It is intended to serve as a guide to help Premium Members assess open positions and to help in salary negotiations. The salary benchmark is not provided directly by the company, which could be significantly higher or lower.