Specialist - Vulnerability Management (m/f/d)

Halian | Managed Services, Recruitment Agency & Contract Staffing

Abu Dhabi Emirate, United Arab Emirates | On-site | Full-Time | 3w ago

Description

Role Purpose

The Vulnerability Management Specialist is responsible for identifying, assessing, prioritizing, and tracking remediation of security vulnerabilities across the organization. The role focuses on leveraging Qualys, applying CVSS v3.1 scoring with business context, and delivering executive-level reporting on vulnerability posture aligned with the bank’s risk appetite. The position also supports penetration testing coordination and ensures remediation activities meet defined SLAs.

Key Responsibilities

Vulnerability Assessment & Scanning

  • Perform regular vulnerability scanning using Qualys (mandatory) across infrastructure, applications, and endpoints
  • Identify and validate vulnerabilities across:
      • Servers, databases, and network devices
      • Cloud and on-premise environments
  • Ensure scanning coverage is comprehensive and aligned with asset inventory

Risk Prioritization & Analysis

  • Prioritize vulnerabilities using CVSS v3.1 scoring, enhanced with:
      • Asset criticality
      • Business impact
      • Threat intelligence inputs
  • Distinguish between false positives and real risks through validation and analysis
  • Provide risk-based recommendations for remediation

Remediation Tracking & SLA Management

  • Track vulnerability remediation against defined SLAs
  • Work closely with IT, infrastructure, and application teams to ensure timely fixes
  • Develop and maintain remediation dashboards for visibility and accountability
  • Escalate overdue or high-risk vulnerabilities to management

Reporting & Governance

  • Prepare and present:
      • Executive dashboards on vulnerability status and trends
      • Quarterly vulnerability posture reports aligned with board-level risk appetite
  • Highlight key risk areas, systemic weaknesses, and improvement actions
  • Support risk committees, CISO, and senior leadership with actionable insights

Penetration Testing Coordination

  • Coordinate and manage internal and external penetration testing engagements
  • Ensure findings are:
      • Properly documented
      • Tracked for remediation
  • Validate closure of penetration testing findings

Continuous Improvement & Compliance

  • Enhance vulnerability management processes in line with industry best practices
  • Integrate threat intelligence to improve risk prioritization
  • Ensure alignment with:
      • Internal security policies
      • Regulatory requirements (banking/financial sector)
  • Support audits and compliance reviews

Qualifications & Experience

Education

  • Bachelor’s degree in:
      • Cybersecurity
      • Information Technology
      • Computer Science or related field

Experience

  • 4–8+ years of experience in:
      • Vulnerability Management / Security Operations
      • Enterprise-scale vulnerability assessment programs
  • Proven experience with:
      • Qualys Vulnerability Management (mandatory)
      • CVSS scoring and risk-based prioritization
      • Remediation lifecycle management
  • Experience in banking or regulated environments is highly preferred

Technical Skills

  • Strong knowledge of:
      • Vulnerability scanning tools (Qualys, Tenable, Rapid7 – with Qualys as primary)
      • CVSS v3.1 framework and risk scoring methodologies
  • Experience with:
      • Dashboarding tools (Power BI, Tableau, or similar)
      • Patch and remediation workflows
  • Familiarity with:
      • Network and system security concepts
      • Cloud security vulnerabilities (AWS, Azure, GCP)

Soft Skills

  • Strong analytical and risk assessment skills
  • Ability to translate technical vulnerabilities into business risk
  • Effective stakeholder communication and coordination
  • Attention to detail with strong follow-through

Key Competencies

  • Vulnerability Assessment & Analysis
  • Risk-Based Prioritization
  • Remediation Tracking & SLA Management
  • Security Reporting & Executive Communication
  • Penetration Testing Coordination
  • Continuous Improvement & Compliance
