Key Responsibilities:
Vulnerability Scanning:
- Conduct regular vulnerability scans of designated network segments and systems using industry-standard tools (e.g., Tenable, Nessus).
- Configure scans according to established schedules and scope.
- Document and maintain scan configurations, historical results, and schedules.
Analysis and Reporting:
- Perform basic analysis of scan results, identifying critical vulnerabilities and potential risks.
- Perform basic assessment of vulnerabilities, to input CVE advisories to vulnerability reports.
- Prepare clear and concise reports with vulnerability summaries, risk levels, and suggested remediation actions.
- Distribute scan reports to relevant stakeholders in a timely manner.
Stakeholder Communication and Follow-up:
- Collaborate with system owners and IT teams to provide context for findings and facilitate remediation efforts;
- Conduct weekly follow-ups with stakeholders to track remediation progress and identify any obstacles;
- Track and manage remediation follow-ups according to protocol and established processes;
- Escalate unresolved vulnerabilities or remediation delays to management, as needed.
Status Reporting:
- Create regular status reports on remediation progress for management review.
Requirements :
- Diploma with at at least 2 years' relevant experience in an IT or information security role;
- Demonstrated experience managing vulnerability scanning tools (Tenable, Nessus, Qualys, etc.);
- A good understanding of common network vulnerabilities and remediation techniques;
- Basic knowledge of security standards and best practices (e.g., OWASP, NIST);
- Capability to understand and interpret CVE technical documentation;
- Ability to analyse scan results, interpret technical data, and identify risks;
- Detail-oriented and organised with the ability to track progress across multiple stakeholders.
Additional Notes
- Contract Duration : 12 months.
- Work Arrangement : On site
