VULNERABILITY MANAGEMENT ENGINEER (ASM)
Role Summar
Support the organisation's Attack Surface Management (ASM) and Vulnerability Management programmes by identifying, validating, prioritising, and tracking security vulnerabilities. Work closely with system owners to drive remediation efforts, manage risks, and improve the overall security postures
Key Responsibilities
- Monitor and triage findings from ASM and Vulnerability Management tool
- Validate vulnerabilities, assess risk using CVSS, and distinguish genuine exposures from false positives
- Coordinate with system owners to track and drive remediation activitie
- Manage risk exceptions and support risk acceptance processe
- Prepare vulnerability and remediation reports, analyse trends, and recommend security improvement
- Support enhancement of vulnerability management processes, policies, standards, and playbooks.
Required Skills & Experience
- Degree in Computer Science, Information Security, or related discipline
- 5 years of experience in Vulnerability Management, Attack Surface Management, Security Operations, or IT Risk.
- Strong understanding of vulnerability management, patch management, CVSS, and attack surface risk
- Experience with Tenable, Qualys, Censys, or similar ASM / Vulnerability Management platform
- Strong analytical, risk assessment, and stakeholder communication skills
- Python scripting
- Certifications such as OSCP, GWEB, CRISC, CISA, or equivalent cybersecurity certifications.