JOB DETAILS

Refine your listings

Vulnerability Management & Infrastructure Security Compliance Engineer

Saudi Arabia

Job ID SNS-0908

Posted On
09-Feb-2025
(99 days ago)

Job type
Contract

Sector
Technology

  • 5+ years of experience in vulnerability management and infrastructure compliance monitoring.
  • Experience with vulnerability management platforms (e.g., Tenable.io, Qualys VMDR, Rapid7 InsightVM) and Penetration Testing tools.
  • Strong experience in monitoring vulnerabilities in Cloud environments, Containers, Kubernetes, security technologies.
  • Experience in handling enterprise vulnerability assessment and management.
  • Perform recurring and on-demand scanning of organization systems both on-premises and cloud environments.
  • Analyze vulnerabilities and threats, determine their potential impact, and recommend strategies for risk prevention.
  • Generate detailed reports on vulnerabilities, their impact, and the status of remediation efforts. Communicate findings to stakeholders and track remediation.
  • Engage in vulnerability management program reviews and continuous improvement initiatives, providing input on enhancements to scanning and reporting processes.
  • Providing expertise on vulnerability exploitation and mitigation.
  • Develop and maintain vulnerability management documentation, including policies, procedures, and playbooks, including creating response plans for critical vulnerabilities.
  • Improve existing vulnerability management systems and reporting and provide technical support for vulnerability management projects.
  • Knowledge of vulnerability data management and reporting process automation.
  • Perform compliance monitoring on Infrastructure estate including but not limited to Server based technologies, networking devices, Databases, Firewalls etc.
  • Ensure compliance with relevant security standards, policies, and regulations.
  • In-depth knowledge of information security best practices.
  • Knowledge of OWASP tools and methodologies.
  • Knowledge of technical concepts such as cloud computing, automation, networking.
  • Familiar with regulatory & International security frameworks and its compliance.
  • Certification such as CEH, CVA, CompTIA Security+, CISM, CISSP, Pen-Testing
  • Knowledge of scripting languages such as Perl or Python
  • In-depth knowledge of network protocols, operating systems, and common vulnerabilities.
Back to list

© Copyright 2016 SAUDI NETWORKERS SERVICES - All Rights Reserved.