SISA Information Security - Senior Lead Engineer - Vulnerability Assessment & Management (12-19 yrs)

Job Description :

Role & Responsibilities :

Team Leadership :

- Lead, mentor, and manage a team of vulnerability analysts, ensuring high performance and continuous development.

- Allocate resources effectively to ensure timely delivery of services across multiple client projects.

- Conduct regular performance reviews and provide feedback to team members.

Vulnerability Assessment & Management :

- Oversee the planning, execution, and reporting of vulnerability assessments for client environments, including networks, applications, and systems.

- Ensure the accurate identification, classification, and prioritization of vulnerabilities based on risk and impact.

- Develop and maintain a robust vulnerability management program that aligns with industry best practices and client requirements.

- Coordinate with client teams to validate, prioritize, and track remediation efforts, providing guidance on effective mitigation strategies.

Client Interaction :

- Act as the primary point of contact for clients regarding vulnerability assessment and management services.

- Present assessment findings and remediation recommendations to clients, tailoring the communication to various audience levels (technical teams, management, C-suite).

- Assist in the development of client-specific strategies to manage and reduce vulnerabilities.

Process Improvement :

- Continuously evaluate and improve vulnerability assessment processes and tools to enhance efficiency and effectiveness.

- Stay updated with the latest security threats, vulnerabilities, and industry trends to ensure services remain cutting-edge.

- Collaborate with other teams (e.g., Penetration Testing, Red Team) to integrate findings and improve overall security posture for clients.

Reporting and Documentation :

- Ensure comprehensive and accurate documentation of assessment findings, remediation steps, and client interactions.

- Generate detailed vulnerability assessment reports and executive summaries for clients.

- Track and report on the progress of vulnerability management activities to internal and client stakeholders.

Qualifications :

- 12 to 19 years of hands-on experience in vulnerability assessment and management, with at least 2 years in a Lead role.

- Strong understanding of vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7) and management platforms.

- Proficiency in interpreting and applying industry standards such as OWASP, NIST, and CIS Benchmarks.

- Experience in developing and implementing vulnerability management programs in client environments.

- Strong leadership, communication, and project management skills.

- Relevant certifications such as CISSP, CISM, CEH, or similar are preferred.

Desired Skills :

- Understanding of PCI DSS Security testing requirements.

- Experience in working with cross-functional teams and managing multiple projects simultaneously.

- Ability to work in a fast-paced, client-driven environment.