Location : Remote
Type : Full-Time
Department : Information Security
About Us
As the largest online distributor of restaurant supplies and equipment, WebstaurantStore, a Clark Associates company, hosts an expansive catalogue with over 430,000 products that are delivered through fast, dependable shipping, making us the internet's largest restaurant supplier. Our CAST (Clark Associates Security Team) is committed to maintaining the highest standards of security and integrity in all our applications and systems.
Role Overview
We are seeking a skilled and proactive Vulnerability Management Specialist to join our cybersecurity team. In this role, you will be responsible for identifying, assessing, and mitigating vulnerabilities across our systems, networks, and applications. You will work closely with IT, security, and development teams to enhance our vulnerability management program, ensuring the organization maintains a strong security posture while aligning with industry best practices and compliance standards.
Key Responsibilities
Vulnerability Identification and Risk Assessment
- Conduct regular vulnerability scans using tools such as Nessus, Qualys, or Rapid7 to identify security weaknesses.
- Analyze scan results to assess the risk and impact of discovered vulnerabilities, prioritizing remediation efforts based on exploitability and business impact.
Remediation Coordination
- Collaborate with IT and development teams to implement mitigation strategies and track remediation progress.
- Provide clear recommendations for remediation and ensure timely resolution of identified vulnerabilities.
Policy Enforcement and Compliance
- Assist in developing and enforcing vulnerability management policies, ensuring alignment with industry standards (e.g., PCI, CIS Controls, ISO 27001).
- Define scanning frequencies and establish service-level agreements (SLAs) for remediation timelines.
Monitoring and Reporting
- Generate detailed vulnerability assessment reports for stakeholders, highlighting risks and remediation progress.
- Monitor trends in vulnerabilities and emerging threats, providing insights for improving security controls.
Tool Management and Automation
- Configure, maintain, and optimize vulnerability management tools to ensure efficient and effective scanning.
- Automate scanning processes and integrate vulnerability management into the broader security ecosystem.
Continuous Improvement and Threat Awareness
- Stay up to date on the latest security vulnerabilities, exploits, and mitigation techniques.
- Recommend and implement improvements to enhance the organization’s vulnerability management program.
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
- 2 years of experience in vulnerability management, security assessments, or related roles.
- Proficiency in vulnerability scanning tools such as Nessus, Qualys, Rapid7, or OpenVAS.
- Familiarity with security frameworks and compliance standards (e.g., NIST, CIS, ISO 27001, PCI-DSS, HIPAA).
- Experience with scripting (e.g., Python, PowerShell, Bash) for automation is a plus.
- Relevant certifications (e.g., CompTIA Security+, GIAC Certified Vulnerability Assessor (GCVA), CISSP) are preferred.
Skills and Competencies
- Effective Communication: Ability to articulate technical findings to both technical and non-technical stakeholders.
- Technical Expertise: Strong understanding of vulnerability scanning, risk assessment, and remediation processes.
- Industry Knowledge: Awareness of security best practices, regulatory requirements, and emerging threats.
- Time and Priority Management: Capable of managing multiple assessments and remediation efforts effectively.
- Leadership and Collaboration: Ability to work cross-functionally and provide guidance on vulnerability management best practices.