1 to 25 of 149 Permanent Vulnerability Scanning Jobs

Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information … and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware More ❯

Management: Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations: Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information … and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC): Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware More ❯

Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information … and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware More ❯

Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information … and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware More ❯

and remediate application and cloud security vulnerabilities (e.g., XSS, SSRF, CSRF, CORS, SQL Injection, broken authentication/authorization, encryption flaws). Provide expert guidance on secure coding practices, common vulnerability classes (e.g., OWASP Top 10), and threat modeling for modern web applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE … tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incident response effectiveness. Support compliance initiatives (e.g., SOC … and log analysis. Proficient in log analysis, SIEM usage/configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially AWS-and cloud-native security practices. Experience conducting penetration tests, vulnerability assessments, and network scans. Excellent communication and collaboration skills More ❯

coordinating penetration testing and managing cybersecurity analysts to detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, data leakage prevention, patching, encryption, vulnerability scanning, and configuration of security tools. Prior experience in an international enterprise environment is essential. Responsibilities Collaborate with IT teams to design and implement the company's cybersecurity … procedures annually for security compliance. Develop, test, and implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls as needed. Contribute More ❯

background in security engineering and federal compliance. Strong understanding of security principles, best practices, frameworks, and techniques. Proficient with security tools and technologies, including SIEM platforms (e.g., Splunk, ArcSight), vulnerability scanners (e.g., Nessus, Qualys), endpoint protection (e.g. ESS, Tellix), and cloud security in AWS, Azure, and hybrid environments. Proficiency in scripting languages (Python, PowerShell, Ansible) for security automation and More ❯

background in security engineering and federal compliance. Strong understanding of security principles, best practices, frameworks, and techniques. Proficient with security tools and technologies, including SIEM platforms (e.g., Splunk, ArcSight), vulnerability scanners (e.g., Nessus, Qualys), endpoint protection (e.g. ESS, Tellix), and cloud security in AWS, Azure, and hybrid environments. Proficiency in scripting languages (Python, PowerShell, Ansible) for security automation and More ❯

able to learn) in the following areas: Network Security (e.g., Firewalls, IDS/IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security More ❯

able to learn) in the following areas: Network Security (e.g., Firewalls, IDS/IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security More ❯

able to learn) in the following areas: Network Security (e.g., Firewalls, IDS/IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security More ❯

with relevant security frameworks and regulations, identifying potential compliance issues and contributing to mitigation strategies. Technology Evaluation, Deployment, and Management: Conducts security architecture reviews and perform security assessments, including vulnerability scanning, configuration reviews, and cloud security posture assessments, identifying vulnerabilities and recommending detailed remediation strategies. Contribute to the development of security architecture roadmaps and strategic plans, and support More ❯

Strong interpersonal and presentation skills. Strong analytical skills Must have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of More ❯

Strong interpersonal and presentation skills. Strong analytical skills Must have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of More ❯

individual with a passion for defending complex digital environments from sophisticated threats. The successful candidate will be part of a dedicated team responsible for executing and advancing a comprehensive Vulnerability Management Program supporting mission-critical systems in a high-security environment. Essential Duties and Responsibilities (but not limited to): • Conduct proactive cyber monitoring and vulnerability management activities across … a diverse enterprise IT environment. • Support the execution of vulnerability scanning, analysis, reporting, and remediation efforts, using tools such as Tenable Security Center (or equivalent platforms). • Collaborate with cross-functional teams to drive vulnerability remediation plans and lead working groups to assess, prioritize, and track mitigation efforts. • Collect, analyze, and validate open-source intelligence and threat … enterprise intrusion detection systems (IDS/IPS), host/network security tools, firewalls, HIPS, WAFs, and event correlation. • Proven experience in cybersecurity operations, including threat analysis, incident response, and vulnerability remediation across multiple OS platforms (Linux, Windows, Mac). • Technical expertise in at least one scripting/programming language: Python, PowerShell, Bash, C++, etc. • Familiarity with cyber threat intelligence More ❯

policies. You will interact with IT representatives to ensure adherence to corporate and information security policies. You will have skills to provide expert level assurance in penetration testing and vulnerability assessments. The ability to manage business and IT expectations, compliance, and Security requirements are critical to success. You should also have the ability to manage a small team/… testers. Ensure smooth delivery and completion of penetration tests. Providing regular updates to Cyber Assurance Program Managers on status of tests you have been allocated to support. Perform Technical Vulnerability and Web Application scans and provide output to security testers/application owners where required. Conduct quality assurance on vendor supplied reports for Cyber Assurance Program Managers at end … lifecycle, OWASP Application vulnerabilities and IT systems. Knowledge of Cybersecurity frameworks (e.g., NIST, ISO 27001) and compliance regulations (e.g., DORA, GDPR, Cyber Essentials). Familiarity with Security tooling and vulnerability Scanning e.g. Qualys, Nessus, Burpsuite Digital Forensics or Discovery experience Basic understanding of eMail infrastructure/Outlook/Office365 and Microsoft Application Basic understanding of virtual environments Bachelor More ❯

Deep knowledge of Windows, Linux, and macOS patching. Experience with Windows Server Update Services (WSUS), SCCM, or Linux patching tools like YUM and APT. Network & Security Testing: Understanding of vulnerability scanning tools (Nessus, Qualys) and security compliance frameworks (DISA STIGs, NIST, CIS benchmarks). Database & Log Analysis: Ability to query logs and databases (SQL, Splunk, ELK Stack) for More ❯

Deep knowledge of Windows, Linux, and MACOS patching. • Experience with Windows Server Update Services (WSUS), SCCM, or Linux patching tools like YUM and APT. • Network & Security Testing: Understanding of vulnerability scanning tools (Nessus, Qualys) and security compliance frameworks (DISA STIGs, NIST, CIS benchmarks). • Database & Log Analysis: Ability to query logs and databases (SQL, Splunk, ELK Stack) for More ❯

in basic shell scripting, creating Snort rules, or other log-searching query languages and methods. Must be confident to handle common security incidents independently. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of More ❯

EITaaS IT Service Management offerings to SIPR. We are currently seeking a Nessus Engineer for an onsite position in Chantilly, VA. This position supports our cybersecurity initiatives by conducting vulnerability assessments and ensuring the overall security of our networks and systems. This position is critical in maintaining and improving the integrity and safety of our infrastructure using the Nessus … vulnerability scanning tool. The ideal candidate will have hands-on experience with Nessus or similar vulnerability management tools, a solid understanding of security best practices, and a passion for mitigating risks in complex IT environments. Minimum of 10+ years' experience in vulnerability management, cybersecurity, or IT security. Hands-on experience with Nessus (or similar tools such … as OpenVAS, Qualys) for vulnerability scanning and management. Experience with network protocols (TCP/IP, HTTP, DNS, etc.), operating systems (Windows, Linux, macOS), and security best practices. Installing and Configuring Nessus, Nessus Manager, Nessus Agents, Log Correlation Engine, Nessus Network Monitor, and Security Center on both Linux/Unix and Windows based environments Responsible for installing and configuring More ❯

are ready for the challenges of today and tomorrow. Essential Duties and Responsibilities: As a Lead InfoSec Consultant, you'll take the lead in executing advanced penetration tests and vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and help remediate security weaknesses in web, mobile, and … play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee regular penetration tests and vulnerability assessments on applications, networks, systems, and infrastructures. Identify, exploit, and document vulnerabilities, including demonstrating the business impact of potential … system administrators. Keep up to date with the latest security vulnerabilities, exploits, and attack methodologies to ensure effective penetration testing. Security Risk Management: Develop and manage the organisation's vulnerability management program, ensuring compliance with internal policies and industry regulations. Identify security weaknesses and work with stakeholders to develop mitigation strategies. Conduct regular security risk assessments and develop action More ❯

security standards such as ISO 27001, Cyber Essentials, GDPR, and Data Protection Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding … a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

Assessment and Authorization (A&A) activities to obtain and maintain Authority to Operate (ATO). • Conduct and document regular security reviews, risk assessments, and audit log analysis. • Assist with vulnerability scanning and remediation (e.g., ACAS, Nessus, STIGs, SCAP). • Enforce security policies, procedures, and guidelines for users, developers, and administrators. • Report and respond to security incidents in coordination … 3+ years of experience in DoD cybersecurity, including RMF and NIST 800-53 compliance. • Active DoD Secret security clearance or higher. • Familiarity with DISA STIGs, SCAP tools, eMASS, and vulnerability management tools. • Experience with A&A processes and associated documentation and submission of RMF packages. • Experience coordinating with DCSA • DoD 8570 IAT Level II or IAM Level I certification More ❯

preventive measures. Incident Response & Mitigation: Assess and maintain the Incident Response Plan, lead the response to security incidents and breaches, providing expertise in root cause analysis, containment, and remediation. Vulnerability Management: Conduct regular security assessments, including vulnerability scanning and writing penetration testing Statement of Works, and manage the remediation of identified vulnerabilities. Security Tools & Technologies Advice: Provide More ❯

systems (Windows, OS X, Linux). Proficiency in shell scripting, creating Snort rules, or other log-searching query languages. Confidence in handling common security incidents independently. Good understanding of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing). Knowledge of ITIL disciplines such as Incident, Problem, and Change Management. Ability to work with minimal supervision. Willingness to work More ❯