151 to 175 of 487 Permanent Vulnerability Management Jobs

and reporting incidents and providing cyber security metrics. Evaluating and determining if/when information security violations have occurred through examination of network or device logs, open-source research, vulnerability and configuration scan data, and user provided reports. Demonstrate a strong understanding of information security policies and doctrine, ability to draft, modify and create SOPs for use of other … years in a cybersecurity or SOC environment. Strong understanding of OSI model, incident response, and threat analysis. Proficient in SIEM tools (e.g., Splunk), IAM, server/network security, and vulnerability management. Familiarity with ISO 27001, NIST CSF, and general security frameworks. Effective communicator across all organizational levels; strong multitasking and organization skills. Experience with Linux systems; cloud knowledge is More ❯

more about this opportunity, feel free to reach out and apply today! Responsibilities: Monitor and analyse security events within the SOC, ensuring timely detection and response. Perform threat analysis, vulnerability assessments, and implement mitigation strategies. Develop and refine incident response playbooks and procedures. Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence. Collaborate with internal teams … of two years' experience in a SOC or managed security environment. Strong knowledge of network security (firewalls, IDS/IPS, VPNs). Proficiency in incident response, threat analysis, and vulnerability management. Experience working with SIEM tools for monitoring and event analysis. Understanding of malware analysis, forensic investigations, and endpoint security. Strong analytical and problem-solving skills. Excellent communication skills More ❯

Security Support Engineer, Vulnerability Management and Remediation Job ID: Amazon Support Services Pty Ltd Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team! Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation … Sydney, Australia. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem. Key job responsibilities - Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon. - Assess and negotiate with customers to drive down security risk … in their environments. - Collaborate with builder teams to implement security fixes and improvements. - Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications. - Review and analyse common vulnerability disclosures and assist in evaluating potential impacts. - Help triage vulnerabilities and contribute to impact and detection logic assessments. - Contribute to the development of automation of repetitive tasks. - Actively participate More ❯

Program Description: The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application … IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support. Position Description: The Cyber Enterprise Vulnerability and Remediation Engineer provides support to the customer in the area of Cyber Security. Daily Tasks include, but are not limited to: Coordinate and prepare Inspector General (IG) FISMA closure requests from field reps and … program Information System Security Engineers (ISSEs) Update and manage metrics reporting for several database sources Coordinate with RMF stakeholders on closure Body of Evidence (BoE) for Enterprise Vulnerability and Remediation (EVAR) tracked findings Prepare and update slides for weekly and monthly deliverables for contract and EVAR meetings Research trending vulnerabilities being reported through enterprise security tools Support automation activities More ❯

Job Number: R Cyber Risk Management Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming. In all of this "cyber noise," how can these organizations understand their risks and how to mitigate them? The answer is an information security risk spe cia list like you who will … data, and interconnections to partners. This is your opportunity to act as an information security subject matter expert while broadening your skills. You will help build Booz Allen's vulnerability management capability and service offerings while supporting critical client missions. Join us. The world can't wait. You Have: 5+ years of experience in cybersecurity or information technology … Experience using and configuring vulnerability assessment tools Experience assessing organizational risks and recommending mitigation strategies Experience using Risk Management Framework ( RMF ) and eMASS or Xacta Knowledge of cybersecurity principles, threat intelligence, penetration testing, Red Team, or incident response Ability to communicate clearly with technical and non-technical audiences and collaborate closely with teammates regardless of whether they are More ❯

Knowledge of penetration testing, network security, and the techniques used to expose and correct security flaws A broad understanding of security technologies including firewalls, proxies, Security Information and Event Management (SIEM), antivirus software, and Identity Providers (IdPs) Understanding of vulnerability management and the ability to identify and spotlight vulnerabilities on on-premises and remote networks, correct problems … for Security Anomalies, Violations of policies, and other Security Breaches. Responds to Security related incidents and events in an organized and efficient manner, providing well-documented reports. Leads a Vulnerability management program, working with other IT staff to guide patching and remediation. Performs testing and verification of company security controls, provides organized reporting based on findings. Management of security tools such as firewalls, vulnerability scanners, SIEM, asset discovery tools, antivirus toolset, and email protection toolsets. More ❯

risk-based KPIs, KRIs, and metrics to measure cyber resilience and overall security performance. Support compliance efforts across frameworks including Cyber Essentials, ISO 27001, GDPR and DPA. Lead the vulnerability management programme, advising IT on remediation strategies. Oversee security incident monitoring and response in coordination with the SOC team. Design and implement an effective identity and access management … GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing and running vulnerability management programmes, with experience using industry-standard tooling. Experience designing, deploying, and managing Identity and Access Management (IAM) systems and processes. Strong understanding of risk management principles More ❯

security in a dynamic and mission-critical environment? As a Cyber Engineer, you will work on developing and implementing advanced cyber defense technologies, securing sensitive systems, and supporting risk management processes. You will ensure compliance with cybersecurity frameworks, lead cyber testing initiatives, and contribute to obtaining and maintaining Authority to Operate (ATO) within secure systems. What You'll Do … Cyber Artifacts Management: Manage and assess cyber artifacts to ensure proper documentation and readiness for cyber assessments. • Cyber Testing: Develop, execute, and analyze cyber testing efforts including penetration tests, vulnerability assessments, and cybersecurity audits. • Risk Management Framework (RMF) Implementation: Guide and support the implementation of the RMF process, including categorizing information systems, selecting security controls, and managing … Security Technical Implementation Guides (STIGs) and maintain up-to-date security configurations. • Obtain ATO: Coordinate efforts across teams to prepare systems for ATO through proper documentation, risk assessments, and vulnerability remediation. • Collaboration: Work closely with program managers, engineers, and clients to ensure alignment with project goals and compliance with cybersecurity best practices. • Documentation & Reporting: Assist in the creation of More ❯

What You'll Be Working On: ️ Designing, implementing, and managing security architectures to safeguard systems and networks ️ Conducting vulnerability assessments, penetration testing, and risk analyses to identify and mitigate potential threats ️ Implementing and managing security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection ️ Monitoring security alerts, investigating incidents, and responding to security … techniques, and security technologies (e.g., firewalls, IDS/IPS, VPNs, SIEM) ️ Experience with cloud security and hybrid environments (AWS, Azure, GCP) ️ Hands-on experience with security incident response and vulnerability management tools ️ Certifications such as CISSP, CEH, CompTIA Security+, or Cisco Security certifications are highly desirable More ❯

Monitoring and defending against security threats across the organization's network, systems, and applications ️ Implementing and managing security technologies such as firewalls, IDS/IPS, and encryption solutions ️ Conducting vulnerability assessments and penetration tests to identify and mitigate security risks ️ Collaborating with IT teams to implement secure configurations and ensure best practices are followed ️ Developing and enforcing cybersecurity policies … or in a similar role within IT security ️ Strong knowledge of cybersecurity principles, threat intelligence, and security controls ️ Experience with security tools (e.g., SIEM, firewalls, EDR, VPN, DLP) and vulnerability management ️ Solid understanding of regulatory frameworks and industry standards (e.g., GDPR, NIST, ISO 27001) ️ Certifications such as CISSP, CISM, CompTIA Security+, or CEH are highly desirable Ready to More ❯

a dedicated professional to: Own the Cyber Security Design: Assess and define cyber security design requirements, and develop and maintain product security documentation within a standardized security framework. Risk Management: Analyze, report on, and assist in managing security-related risks, including proposing further security improvements. Education & Awareness: Continuously educate product design staff and stakeholders on cyber security impacts on … years Product & Cyber Security Design: Holistic industry standards Security Standards & Frameworks: NIST -53, NIST CSF, NIST -, IEC , ISO (advantageous) Architectural & Technical Specifications: Network, application, database/data store level Vulnerability Testing: Systems and software Threat, Exploit, & Vulnerability Analysis Technical Knowledge: OS and network security (physical, virtual, cloud-based AWS) Security Systems Experience: Endpoint security, vulnerability management, firewalls, IDS/IPS, wireless security, authentication, log management, encryption Application & Database Security Design Governance & Risk Management: Vulnerabilities during cyber security testing Project Leadership: Technical side, start to finish Engineering Design Specifications Writing Communication Skills: Information security concepts and risks Team Collaboration Independent & Reliable Completion of Assignments Education: Bachelor's in Computer Science, Information Security, Engineering, or More ❯

The Information Assurance Specialist role encompasses a broad range of information security disciplines, including risk assessment, security architecture development, vulnerability management, compliance adherence, incident response, and cybersecurity. DUTIES AND RESPONSIBILITIES Risk Assessment: Conduct comprehensive risk assessments to identify vulnerabilities and threats to information assets, systems, and networks. Analyze potential impacts and develop mitigation strategies. Security Architecture Development: Design … and needs. Develop and document systems administration standard operating procedures. Ensure the application of security patches for commercial products integrated into system design meets the timelines dictated by the management authority for the intended operational environment. Maintain baseline system security according to organizational policies. Identify and analyze anomalies in network traffic using metadata Isolate and remove malware. Identify applications … related field. Relevant certifications such as CompTIA, CISSP, CISM, Security+, or equivalent. Extensive knowledge of information security principles, practices, and technologies. Strong understanding of Department Of navy (DON) Risk Management methodologies and Frameworks (RMF). Proficiency in vulnerability management processes and tools. In-depth knowledge of security architecture and design principles. Examine network topologies to understand data More ❯

Squadron (26NOS) is searching for qualified candidates for a position of Junior or Mid-Level ACAS Systems Operator I or II (depends upon experience). Seeking an individual for vulnerability assessment analysis and administration role with cybersecurity oriented principles to protect and defend information systems and networks. If you are seeking a challenging place to work, please review the … the qualifications, a candidate may still be considered depending on your level of experience. Duties & Responsibilities: • Operates the security and compliance baseline configuration, inventory, and best practices for the vulnerability management solution (VMS) deployed across multiple unclassified and classified network locations supporting the implementation for Tenable products within Assured Compliance Assessment Solution (ACAS) including .SC (SecurityCenter ) and Nessus … configurations, enterprise or local policy • Ability to assess the level of risk, develop or recommend meaningful insights about the context of an organization threat environment to improve its risk management posture; measure effectiveness of systems/networks/endpoints that deviate from acceptable configurations, enclave or local policy • Work in concert with other Tenable operators, integrator and IA personnel More ❯

responsible for protecting enterprise systems and data. This role offers hands-on involvement with a wide range of technologies-from endpoint detection and SIEM platforms to firewalls, MFA, and vulnerability management-providing a well-rounded foundation in enterprise security operations. You'll gain exposure to advanced security practices, assist in running and responding to threat detection systems, and … contribute to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security certificates, PAM systems, and conditional … platforms in a corporate IT environment. Experience with some of the following: EDR platforms (e.g., CrowdStrike) Email or web security gateways (e.g., Mimecast) MFA/SSO (e.g., Duo, Okta) Vulnerability scanners (e.g., Rapid7, Tenable, Nessus) InTune and Conditional Access Exposure to: Imperva WAF KnowBe4 Certificate management tools Kali Linux toolset and penetration testing basics Qualifications: Working towards or More ❯

successful candidate will have previous experience as an ISSO and Security Control Assessor having documented the full scope of security documentation in support of the NIST 800-37 (Risk Management Framework (RMF). A strong foundation in the understanding of encryption and how encryption is applied to National Security Systems (NSS) is necessary. Responsibilities Assess DHS NSS systems and … mitigation plans. Maintain documentation for all NSS compliance activities, including CISO and I&A requests. Monitor and review POAMs to ensure timely mitigation and closure. Analyze continuous monitoring, configuration management, vulnerability management, asset management, software management and self-reported data to identify risk and work with System Teams to develop a plan to mitigate security … Office of the Inspector General (OIG). Compile data to support analysis and reporting in support of cyber risk compliance activities and activities stemming from Cybersecurity Supply Chain Risk Management (CSCRM). Create and maintain documentation from all NSS-related compliance activities, to include any incoming Chief Information Security Officer (CISO) and Information and Analysis (I&A) requests for More ❯

chance to directly shape strategy within a national institution. This is a hands-on, strategic role with a focus on Microsoft Entra ID Governance and Microsoft Purview - including lifecycle management, RBAC, data classification, DLP and compliance tooling. You'll play a key part in designing and maintaining secure practices across Microsoft 365, Azure, and broader security operations. Working within … a small, agile security team, you'll also contribute to regulatory compliance (ISO 27001, GDPR, Cyber Essentials+), risk assessments, vulnerability management, and stakeholder engagement at all levels. Experience of Interest: * Practical experience implementing Microsoft Entra ID Governance (or similar Okta) * Hands-on and demonstrable use of Microsoft Purview for compliance, data classification, and DLP * Strong security operations knowledge More ❯

Who We Are Lawelawe is a Native Hawaiian Owned Small Disadvantaged Business (NHO SDB) that specializes in providing a range of services to federal government clients, including program management, digital solutions, human capital and training. Lawelawe leverages our NHO status to secure federal contracts that not only drive business success but also support our overall mission to uplift economically … advisor, helping secure sensitive systems and fortify the network from evolving threats. Shaping and enforcing Information Assurance policies, supporting ATO processes from start to finish, ensuing the operation of vulnerability management programs. Responsibilities Participate in various aspects in developing and writing certification and accreditation (C&A) documentation packages included in the process of helping an organization/agency … and Technology (NIST) and/or Department of Defense IA Certification and Accreditation Process standards in performance of job functions. Manage or take part in the MTF Information Assurance Vulnerability Management (IAVM) program, which requires disseminating, coordinating, validating, reviewing, guiding, data entry, training, and monitoring compliance data provided or available to/from DoD and MHS. Use DoD More ❯

and providing technical support for PKI. Provide DoD PKI services including directory support, certification validation, registration, interface to related Army systems, hosting of PKI-enabled servers, and required key management services, as well as PKI solutions for email, web applications, file transfer, and VPNs. Provide PKI authentication for users' devices and applications to utilize global information services data and … for controlling logical access. Register and install PKI certificates on Army-owned PKI protected devices. Utilize the eMASS to record RMF activities such as all relevant security controls. Perform vulnerability scans weekly. Provide IAVA compliance and compliance monitoring of all network connected assets. Manage the IAVM program for all RNEC-Aberdeen managed devices for installation and customer activities. Provide … requested, compliance verified, and reporting data entered into required database/system. Develop Mitigation Action Plan (MAP) and IAVM POA&Ms. Perform network, workstation, and server scans and compile vulnerability reports to facilitate corrections. Plan, detect, respond, investigate, and report malicious and unauthorized activities. Conduct compliance checks for known or potential Communications Systems and System Support to all computer More ❯

expertise. What You'll Do Serve as the Cyber Security Subject Matter Expert , advising on secure systems design, change control, and implementation of robust security controls. Lead the technical vulnerability management programme , with a strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across … strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Right to work in the UK. Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure design. Strong knowledge of TCP/IP, firewalls, routing, access controls, and threat-based security approaches. Excellent communication skills with the ability More ❯

expertise. What You'll Do Serve as the Cyber Security Subject Matter Expert , advising on secure systems design, change control, and implementation of robust security controls. Lead the technical vulnerability management programme , with a strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across … strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Right to work in the UK. Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure design. Strong knowledge of TCP/IP, firewalls, routing, access controls, and threat-based security approaches. Excellent communication skills with the ability More ❯

employee at M.C. Dean, you will join forces with more than 5,800 professionals who engineer and deploy automated, secure and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability. Together, we transform the way complex, large-scale systems are designed, delivered, and sustained-enhancing client outcomes, improving lives, and changing the … a multidisciplinary team, you will be responsible for coordinating and implementing technical controls and configuration settings and will work in a team environment alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts responsible for supporting Information System Security Engineering efforts. This is a technical role that requires some familliarity with common RMF Cybersecurity processes and deliverables. Assist with … systems Assist in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conduct ICS/SCADA system inventories following DoD guidance Conduct vulnerability scanning, remediation, and documentation of system vulnerabilities Participate in continuous improvement of organizational cybersecurity posture Qualifications Clearance/Citizen Type: Applicants selected will be subject to a government security More ❯

Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices. • Asses Security Technical Implementation Guides (STIGs) compliance and completion. … Utilize asset mapping tools to verify connected inventory. • Handle Information Assurance Vulnerability Management (IVAM) notifications. • Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions. • Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes … to determine if relevant data is present to accelerate against data models to work with existing use cases • Familiar with the operations and functions of Nessus or security center management • Can assist and provide technical input to research, discover, implement hardware and software • Understands importance and fundamentals of logistics and evidence handling • Certified Ethical Hacker (CEH), GIAC Certified Incident More ❯

Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices. • Asses Security Technical Implementation Guides (STIGs) compliance and completion. … Utilize asset mapping tools to verify connected inventory. • Handle Information Assurance Vulnerability Management (IVAM) notifications. • Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions. • Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes … to determine if relevant data is present to accelerate against data models to work with existing use cases • Familiar with the operations and functions of Nessus or security center management • Can assist and provide technical input to research, discover, implement hardware and software • Understands importance and fundamentals of logistics and evidence handling • Certified Ethical Hacker (CEH), GIAC Certified Incident More ❯

Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices. • Asses Security Technical Implementation Guides (STIGs) compliance and completion. … Utilize asset mapping tools to verify connected inventory. • Handle Information Assurance Vulnerability Management (IVAM) notifications. • Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions. • Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes … to determine if relevant data is present to accelerate against data models to work with existing use cases • Familiar with the operations and functions of Nessus or security center management • Can assist and provide technical input to research, discover, implement hardware and software • Understands importance and fundamentals of logistics and evidence handling • Certified Ethical Hacker (CEH), GIAC Certified Incident More ❯

goals, and ensure robust governance across information security and operational practices. Key Responsibilities: Develop and implement a comprehensive GRC framework across the group Conduct regular risk assessments and support vulnerability management Maintain and evolve security controls, policies, and standards Ensure compliance with GDPR, CIS18, PCI DSS, and ISO27001 Lead on third-party audits and provide documentation and evidence … of risk awareness through training and communication Monitor changes in regulation and adapt the GRC framework accordingly Ideal Candidate Profile: Minimum 5 years' experience in GRC, compliance, or risk management Solid understanding of regulatory frameworks and industry standards Hands-on experience with risk assessments and compliance auditing Strong communication and stakeholder engagement skills Professional certifications such as CISSP, CISM More ❯