Senior Vulnerability Management Consultant

For a client, we are seeking an experienced Senior Vulnerability Management Consultant for a replacement role.

Job Title:

Senior Vulnerability Management Consultant

Start Date:

01/04/2025

End Date:

End of the year

Location:

Hybrid (on-site and remote work)

Responsibilities:

• Manage and Configure Qualys Environment: Ensure effective vulnerability management by configuring and maintaining the Qualys environment. Monitor and optimize vulnerability scanning processes.
• Collaborate with VM Analysts: Work closely with vulnerability management analysts to identify, assess, and prioritize vulnerabilities in IT systems. Assist in developing remediation plans and tracking progress.
• Vulnerability Management Program: Run and oversee the vulnerability management program and campaigns, ensuring timely and effective communication with IT stakeholders for patching, remediation, and lifecycle management. Create detailed reports and dashboards for stakeholders.
• Security Projects: Drive and assist in various security projects, including implementing CIS benchmarks, automating vulnerability management processes, ensuring secure configurations, and conducting firewall reviews.
• Stay Informed: Keep up-to-date with industry best practices, emerging threats, and security trends. Apply this knowledge to improve vulnerability management practices.
• Provide Expertise and Guidance: Offer insights on vulnerability management strategies, tools, and techniques. Collaborate with cross-functional teams to enhance overall security.
• Risk Assessments and Documentation: Participate in risk assessments and security audits. Develop and maintain documentation related to vulnerability management processes. Document changes following ITIL best practices and work closely with compliance teams.
• Continuous Improvement: Act as a subject matter expert in vulnerability assessment tools. Continuously optimize and refine vulnerability management processes.

Qualifications:

• Education: Bachelor’s degree in Computer Science, Information Systems, or a related field.
• Certifications: Qualys certification and other relevant security certificates like CISSP, CEH, CISA are preferred.
• Experience: Minimum of 5 years in vulnerability management, including vulnerability assessments and penetration testing.
• Technical Skills: Proficiency in Qualys VMDR, Microsoft Defender (TVM), and BitSight. Experience with basic scripting, API work, and automation. Knowledge of Power BI or other dashboarding/reporting tools. Familiarity with CIS benchmarks, secure configurations, Azure, and containers. Familiarity with CVE, CVSS, EPSS, etc. Experience with BMC Helix CMDB/ticketing system is a plus.
• General Skills: Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work effectively in a team environment and independently. Ability to translate technical items into easy-to-understand remediation tasks. Ability to document, keep track, and follow-up on remediation efforts.
• Language Skills: Understanding Dutch would be a plus.

Additional Information:

This is a full-time position (40 hours/week). The role involves a hybrid work model, combining on-site and remote work.