Security Engineer - Vulnerability Management

Position Overview

We are seeking a highly skilled Security Engineer with a specialized focus on vulnerability management to join our dynamic cybersecurity team. This role is pivotal in safeguarding our organisation’s digital assets by identifying, assessing, and remediating security vulnerabilities across our IT infrastructure.

Key Responsibilities

• Assist with the deployment for orchestrating and automating vulnerability management workflows, prioritization, and remediation tracking.
• Assist with the vulnerability management lifecycle, from detection to remediation, ensuring robust protection against threats.
• Operate and optimise vulnerability management tools, to conduct comprehensive vulnerability assessments and generate actionable reports.
• Develop and deliver regular vulnerability reporting, metrics, and dashboards for management and technical teams via Tenable and Defender.
• Collaborate with incident response teams using CrowdStrike and Microsoft Defender to correlate vulnerability data with threat intelligence and active security incidents.
• Maintain up-to-date knowledge of the latest vulnerabilities, exploits, and mitigation techniques, providing guidance and recommendations to IT and business stakeholders.
• Work closely with IT operations, development, and compliance teams to ensure timely remediation of identified vulnerabilities and adherence to regulatory standards.
• Contribute to the continuous improvement of vulnerability management processes and integration with other security platforms.

Essential Skills and Experience

• Proven experience in vulnerability management, cybersecurity operations, or a related technical field.
• Expert working knowledge of workflow automation, remediation tracking, reporting and prioritization methodologies.
• Advanced proficiency with vulnerability management tools such as Tenable.sc and Tenable.io.
• Hands-on experience with endpoint protection and threat intelligence platforms, specifically CrowdStrike and Microsoft Defender.
• Strong analytical and problem-solving skills, with the ability to interpret complex security data and drive effective remediation.
• Excellent communication skills, capable of conveying technical information to both technical and non-technical audiences.
• Ability to work autonomously and collaboratively within cross-functional teams.
• Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.

Preferred Qualifications

• Bachelor’s degree in Computer Science, Information Security, or a related discipline.
• Experience working in large enterprise environments with diverse IT infrastructure.
• Knowledge of regulatory frameworks and standards such as ISO 27001, NIST, and GDPR.