For a client, we are seeking a Senior Vulnerability Management Consultant with over 5 years of experience to manage and enhance the security posture of our systems. This role involves configuring the Qualys environment, driving the identification and management of system vulnerabilities, and collaborating on various security projects.

Responsibilities:

• Manage and configure the Qualys environment to ensure effective vulnerability management.
• Collaborate with vulnerability management analysts to identify, assess, and prioritize system vulnerabilities.
• Drive and oversee vulnerability management programs and campaigns, ensuring effective communication with IT stakeholders.
• Create detailed reports and dashboards for stakeholder communication.
• Implement CIS benchmarks and automate vulnerability management processes.
• Conduct firewall reviews to validate rule sets.
• Stay informed on industry best practices, emerging threats, and security trends.
• Provide expertise and guidance on vulnerability management strategies.
• Participate in risk assessments and security audits.
• Develop and maintain documentation for vulnerability management processes.
• Continuously optimize and refine vulnerability management processes.

Experience:

• Minimum of 5 years in vulnerability management, including assessments and penetration testing.
• Proficiency in Qualys VMDR, Microsoft Defender (TVM), and BitSight.
• Experience with basic scripting, API work, and automation.
• Knowledge of Power BI or other dashboarding/reporting tools.
• Familiarity with CIS benchmarks, secure configurations, Azure, and containers.
• Familiarity with CVE, CVSS, EPSS.
• Experience with BMC Helix CMDB/ticketing system is a plus.
• General cybersecurity knowledge.
• Experience with common network protocols, operating systems, and application architectures.

Skills:

• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work effectively both in a team and independently.
• Familiarity with validated system environments and ITIL change management processes.
• Ability to translate technical vulnerabilities into understandable remediation tasks.
• Ability to document, track, and follow up on remediation efforts.