Junior Penetration Testing Engineer

Job Description

In this vital role, as a Vulnerability Management Analyst, you will be focused on identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities across the organizations technology stack. Your key responsibility will be to play a crucial role in the security operations team by ensuring known vulnerabilities are managed through their lifecycle using structured processes and tools. You will analyze vulnerability scan data, correlate threat intelligence (e.g., KEV, EPSS), and work closely with infrastructure, application, and business teams to drive risk-based remediation.**Roles & Responsibilities**- Analyze vulnerability scan results from tools like Tenable, Qualys, or Rapid7 to identify security weaknesses across infrastructure and applications.- Prioritize vulnerabilities using multiple criteria, including CVSS, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), asset criticality, and business context.- Partner with IT and DevOps teams to track remediation progress and provide technical guidance on mitigation strategies.- Monitor threat intelligence feeds to correlate vulnerabilities with current exploit activity.- Create and maintain vulnerability metrics, dashboards, and reports for leadership and compliance teams.- Support vulnerability assessment activities in cloud environments (AWS, Azure, etc.).- Maintain documentation related to the vulnerability management lifecycle.- Assist in policy and process development related to vulnerability and patch management.- Participate in audits and compliance efforts (e.g., SOX, ISO, NIST, PCI).**Qualifications Required**- Masters degree and 1 to 3 years of experience in Cybersecurity, vulnerability management, or information security operations; OR- Bachelors degree and 3 to 5 years of experience in Cybersecurity, vulnerability management, or information security operations; OR- Diploma and 7 to 9 years of experience in Cybersecurity, vulnerability management, or information security operations.**Must-Have Skills**- Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7).- Understanding of CVSS scoring, vulnerability lifecycle, and remediation workflows.- Basic knowledge of threat intelligence and how it applies to vulnerability prioritization.- Working knowledge of network, operating system, and application-level security.- Ability to analyze scan data and correlate it with business context and threat intelligence.**Preferred Qualifications**- Experience with KEV, EPSS, and other threat-based scoring systems.- Familiarity with patch management processes and tools.- Exposure to cloud security and related scanning tools (e.g., Prisma Cloud, AWS Inspector).- Certifications (one or more preferred):CompTIA Security, GIAC GSEC / GCIH, Qualys Vulnerability Management Specialist (QVMS), Tenable Certified Nessus Auditor (TCNA).**Soft Skills**- Analytical Thinking: Ability to interpret complex data sets and assess risk effectively.- Attention to Detail: Precision in identifying and tracking vulnerabilities and remediation status.- Communication Skills: Ability to communicate technical findings to both technical and non-technical audiences.- Collaboration & Teamwork: Able to work across IT, DevOps, and security teams to drive resolution.- Curiosity & Continuous Learning: Willingness to stay current with evolving threats and technologies.- Problem-Solving Approach: Capability to identify solutions to security weaknesses in diverse environments. In this vital role, as a Vulnerability Management Analyst, you will be focused on identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities across the organizations technology stack. Your key responsibility will be to play a crucial role in the security operations team by ensuring known vulnerabilities are managed through their lifecycle using structured processes and tools. You will analyze vulnerability scan data, correlate threat intelligence (e.g., KEV, EPSS), and work closely with infrastructure, application, and business teams to drive risk-based remediation.**Roles & Responsibilities**- Analyze vulnerability scan results from tools like Tenable, Qualys, or Rapid7 to identify security weaknesses across infrastructure and applications.- Prioritize vulnerabilities using multiple criteria, including CVSS, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), asset criticality, and business context.- Partner with IT and DevOps teams to track remediation progress and provide technical guidance on mitigation strategies.- Monitor threat intelligence feeds to correlate vulnerabilities with current exploit activity.- Create and maintain vulnerability metrics, dashboards, and reports for leadership and compliance teams.- Support vulnerability assessment activities in cloud environments (AWS, Azure, etc.).- Maintain documentation related to the vulnerability m

Keyskills :
threat intelligencenetwork securitycloud securityvulnerability management toolsCVSS scoringoperating system securityapplicationlevel security