Sr Cyber Security Engineer

Senior Cybersecurity Specialist - JOB DESCRIPTION

Overview

The Senior Cybersecurity Specialist is responsible for designing, implementing, and managing the organization's vulnerability management program, with a specific focus on Tenable tools. The role is responsible for proactively identifying vulnerabilities, exploiting, and validating security weaknesses across the organization's systems, applications, and networks. This includes leading vulnerability management, conducting penetration testing (if required), and ensuring effective technical remediation and patch management oversight to reduce organizational risk and strengthen the security posture.

Responsibilities

- Vulnerability Management (Tenable): Deploy, configure, and manage Tenable vulnerability management solutions to identify, assess, and remediate security vulnerabilities. Establish and manage continuous vulnerability scanning and assessment processes. Perform authenticated and unauthenticated scans across critical assets. Expand scan coverage to include previously unassessed or shadow IT assets

- Risk Prioritization: Analyze vulnerability scan results to prioritize and mitigate critical security threats effectively.

- Penetration Testing: Plan, execute, and report on penetration testing engagements across web applications, APIs, infrastructure, and cloud environments. Perform manual and automated testing techniques to uncover complex security flaws. Validate vulnerabilities through exploitation and proof-of-concept development. Conduct red-team style assessments where applicable

- Patch & Remediation Coordination: Collaborate with IT and security teams to ensure timely patching and remediation of identified vulnerabilities. Provide clear, actionable, and technically detailed remediation guidance. Align patching priorities with vulnerability risk ratings and active threat intelligence. Monitor patch compliance and highlight gaps or delays. Collaborate with asset owners to minimize exposure windows

- Compliance & Reporting: Ensure adherence to industry security standards (e.g., NCA, NIST, ISO 27001) and generate reports for audits and security assessments.

Threat Intelligence Integration: Incorporate threat intelligence data to enhance vulnerability management efforts and reduce attack surfaces. Monitor emerging threats, exploits, and zero-day vulnerabilities. Integrate threat intelligence into vulnerability management lifecycle

- Automation & Optimization: Leverage automation tools to streamline vulnerability scanning, risk assessment, and remediation processes.

- Incident Response & Threat Mitigation: Collaborate with Security Operations teams to investigate, analyze, and remediate security incidents related to vulnerabilities.

- Collaboration & Training: Work with IT, Security, and Operations teams to align vulnerability management strategies with business objectives and provide guidance on security best practices.

- Documentation & Reporting Metrics: Maintain detailed documentation of vulnerability assessments, remediation plans, and compliance reports. Develop dashboards and reports for leadership and stakeholders. Track KPIs such as vulnerability aging, remediation SLAs, exploitability, and risk exposure

Qualifications

- Education: Bachelor's degree in Cybersecurity, Information Technology, or a related field; advanced degree preferred.

- Experience: 10+ years of experience in vulnerability management, cybersecurity risk assessment, or a related security domain.

- Technical Proficiency: Expertise in Tenable vulnerability management solutions, risk assessment methodologies, and remediation strategies.

- Security & Compliance: Knowledge of regulatory requirements and best practices for vulnerability management and incident response.

- Problem-Solving Skills: Strong analytical and troubleshooting abilities to investigate security vulnerabilities and optimize remediation efforts.

- Collaboration & Communication: Ability to work cross-functionally with IT and Security teams to implement and maintain security policies.

- Certifications (Preferred): Industry-recognized certifications in (OSCP (Offensive Security Certified Professional) or CPENT (Certified Penetration Testing Professional), Certified Ethical Hacker (CEH), GIAC Vulnerability Assessment (GVAP), or other relevant security certifications.