Role Proficiency:

Maintain and improve security posture by identifying scoping and prioritizing vulnerabilities in our systems. Provide guidance and drive accountability of risk-based vulnerability remediation across business and technology teams.

Outcomes:

Identification of vulnerabilities in the organization’s network and IT infrastructure. Identification of risk for the company and the required remediation performed. Perform gap analysis of current vulnerability remediation policies and processes versus industry best practices for the client and identify opportunities for improvement. Vulnerabilities prioritization based on their severity and impact. Accountable for the identification and subsequent use of remedial methods to improve the outcome

Measures of Outcomes:

Average time to action Mean time to remediation Rate Of Recurrence Total Risk Remediated Average Vulnerability Age Provide 3-5 reports and analysis follow-up on a weekly basis Provide at least 2 vulnerability analysis Produce 2 reports for management in each quarter Own and manage at least 2 identified threats & vulnerabilities

Outputs Expected:

Daily Activities :

Daily/Weekly/Monthly Reports on the status of the Platform Execute the latest 1 threat variants to test detection and prevention capabilities. Priority assistance in agent upgrades (scenarios include – Agent update
patching) Creating one Standard policy recommendation and configuration according to environment each month. IOC & IOA management.

Security research community:

Stay on top of the security research community. Will be up to date on current attacks
campaigns
and trends to initiate innovative research activities.

Continuous Learning
innovation
and optimization:

Ensure completion of the learning program suggested by Managers Suggest ideas that will help innovation and optimization of processes

Skill Examples:

Experience in IT optimally in Security with exposure to infrastructure and application vulnerability scan configurations vulnerability assessments and vulnerability management Good understanding of network protocols design and security operations Strong analytical skills and efficient problem solving Proficient in scripting languages such as Python Security hardening techniques and hardening standards patching Ability to design and document security operational procedures Understanding of attacker behaviors and techniques is required.

Knowledge Examples:

Knowledge Examples

A strong understanding of the current threat landscape including the latest tactics tools and procedures common malware variants and effective techniques for detecting this malicious activity. Familiarity with basic security concepts in vulnerability management network security systems administration or other areas of technology is required. Hands-on experience with Vulnerability management tools such as Spotlight Rapid7 Nessus Tenable or Qualys. Knowledge of security principles techniques and technologies Knowledge in exploit development. Security certifications such as CEH GPEN GSEC CISSP.

Additional Comments:

2 to 3 years of experience with Microsoft Defender and a total of 4 years of experience, with a solid foundation in vulnerability management. Possesses a basic understanding of network fundamentals and hands-on experience with vulnerability assessments. Familiarity with Qualys adds valuable expertise to this role. Job Responsibility- • Conduct vulnerability assessments using Microsoft Defender and generate reports using Power BI. • Monitor s and incidents from Microsoft Defender and other security tools, ensuring rapid identification and remediation of vulnerabilities. • Manage and oversee the vulnerability management lifecycle, including detection, prioritization, remediation, and reporting. • Collaborate with network and system administrators to deploy patches and security fixes . • Conduct network security assessments to evaluate the security posture of internal and external systems. • Assist in identifying and applying fixes for identified vulnerabilities within the organization. • Communicate security findings and risk assessments to both technical teams and non-technical stakeholders. • Ensure that vulnerability management practices are compliant with organizational security policies and industry standards. • Generate reports for management, highlighting critical vulnerabilities and actions taken to mitigate risks • Power BI skills are required for vulnerability reporting. • Stay up to date with industry trends, security vulnerabilities, and patch management practices to continuously improve security measures. • Document new findings effectively, prepare detailed reports in PowerPoint, and possess strong scripting skills using Python and Bash for automation.