Perform vulnerability assessments across on-premise and cloud platforms (AWS, Azure, GCP). Analyze scan results from tools like Rapid7 InsightVM, and Qualys, and prioritize remediation based on risk. Collaborate with stakeholders to track and close vulnerabilities. Automate scanning, reporting, and remediation workflows using scripting languages. Monitor threat intelligence feeds and correlate findings with internal vulnerabilities. Support compliance efforts (e.g., ISO 27001, SOC 2) by ensuring timely remediation. Participate in incident response and post-mortem analysis related to exploited vulnerabilities. Strong understanding of cybersecurity fundamentals: CIA triad, threat modeling, risk management, and defense-in-depth. Experience with vulnerability scanning tools (e.g., Nessus, Rapid7, Qualys). Familiarity with scripting languages (e.g., Python, PowerShell) for automation and analysis. Knowledge of operating systems (Windows/Linux), networking concepts, and web application security. Excellent analytical, problem-solving, and communication skills. Ability to work independently and collaboratively in cross-functional teams. Experience with cloud computing environments (AWS, Azure, GCP). Familiarity with regulatory frameworks (e.g., PCI DSS, HIPAA, GDPR). Security certifications such as Security+, CEH, or AWS Security Specialty. Exposure to container security and cloud-native scanning tools.
