Who We Are Looking For: We are looking for passionate team players who believe in working hard and having fun in a collaborative environment. Our client's team is customer-focused and values the importance of strong relationships, professionalism, and trust. We embrace solutions-oriented big thinkers who are committed to results and aren't afraid to take risks. We are driven to set goals high and aim even higher.

General Responsibilities:

• Lead the development, implementation, and optimization of our vulnerability management program.
• Utilize Qualys to perform regular scans, assessments, and penetration tests to identify vulnerabilities in our systems, networks, and applications.
• Collaborate with cross-functional teams to prioritize and remediate vulnerabilities promptly.
• Develop and maintain a comprehensive inventory of assets and their associated vulnerabilities.
• Create and maintain documentation related to vulnerability management processes and procedures.
• Monitor industry trends and emerging threats to enhance our vulnerability management strategies.
• Conduct threat modeling and risk assessments to prioritize vulnerabilities based on potential impact and exploitability.
• Provide guidance and mentorship to junior team members in vulnerability management best practices.
• Ensure compliance with industry standards and regulatory requirements related to vulnerability management.
• Knowledge of various security technologies such as vulnerability assessment tools, SIEM, firewalls, proxies, network and host-based intrusion prevention, DLP, etc.
• Integrate and leverage threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor's capabilities.
• Assist in selecting, implementing, and managing systems, tools, and processes to keep the firm at the leading edge of security. This includes a continually evolving inventory of gaps to be mitigated and formulating a proactive strategy to evaluate and implement mitigating technologies.
• Remain current on emerging security threats and technologies.
• Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Minimum of 7 years of experience in cybersecurity, with a focus on threat and vulnerability management.
• At least 5 years of hands-on experience engineering and managing Qualys, including all Qualys modules.
• Expert understanding of vulnerability assessment tools, methodologies, and best practices.
• Knowledge of industry standards and frameworks such as CVE, CVSS, CWE, and NIST.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills to collaborate effectively with cross-functional teams.
• Industry certifications such as CISSP, CISM, or CEH are a plus.
• Ability to work independently and manage multiple tasks in a fast-paced environment, organizing and prioritizing as needed to accomplish goals.
• Knowledge of protocol analysis and tools (e.g., Wireshark, Nessus, Gigastor, Netwitness, etc.).
• Working knowledge of current cyber threat landscape (e.g., threat actors, APT, cyber-crime, etc.).
• Working knowledge of Windows and Unix/Linux, Firewall, and Proxy technology.
• Knowledge of malware operation and indicators.
• Knowledge of forensic techniques.
• Knowledge of penetration techniques.
• Thinks both tactically and strategically.
• Manages uncertainty well - able to assess and act with good enough but imperfect or incomplete information.
• Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level.
• Possess a blue-collar work ethic with the willingness to wear many proverbial 'hats' and have a flexible outlook towards your work.
• Be competitive and have a performance-based drive to succeed, including self-sufficiency and the ability to work as part of a team.
• Have a passion for cybersecurity.