Specialist - Vulnerability Management (m/f/d)

Role Purpose

Qualys

Vulnerability Assessment & Scanning

• Perform regular vulnerability scanning using Qualys (mandatory) across infrastructure, applications, and endpoints
• Identify and validate vulnerabilities across:
• + Servers, databases, and network devices
• + Cloud and on-premise environments
• Ensure scanning coverage is comprehensive and aligned with asset inventory

Risk Prioritization & Analysis

• Prioritize vulnerabilities using CVSS v3.1 scoring, enhanced with:
• + Asset criticality
• + Business impact
• + Threat intelligence inputs
• Distinguish between false positives and real risks through validation and analysis
• Provide risk-based recommendations for remediation

Remediation Tracking & SLA Management

• Track vulnerability remediation against defined SLAs
• Work closely with IT, infrastructure, and application teams to ensure timely fixes
• Develop and maintain remediation dashboards for visibility and accountability
• Escalate overdue or high-risk vulnerabilities to management

Reporting & Governance

• Prepare and present:
• + Executive dashboards on vulnerability status and trends
• + Quarterly vulnerability posture reports aligned with board-level risk appetite
• Highlight key risk areas, systemic weaknesses, and improvement actions
• Support risk committees, CISO, and senior leadership with actionable insights

Penetration Testing Coordination

• Coordinate and manage internal and external penetration testing engagements
• Ensure findings are:
• + Properly documented
• + Tracked for remediation
• Validate closure of penetration testing findings

Continuous Improvement & Compliance

• Enhance vulnerability management processes in line with industry best practices
• Integrate threat intelligence to improve risk prioritization
• Ensure alignment with:
• + Internal security policies
• + Regulatory requirements (banking/financial sector)
• Support audits and compliance reviews

Education

• Bachelor’s degree in:
• + Cybersecurity
• + Information Technology
• + Computer Science or related field

Experience

• 4–8+ years of experience in:

+ Vulnerability Management / Security Operations

• + Enterprise-scale vulnerability assessment programs
• Proven experience with:

+ Qualys Vulnerability Management (mandatory)

• + CVSS scoring and risk-based prioritization
• + Remediation lifecycle management
• Experience in banking or regulated environments is highly preferred

Technical Skills

• Strong knowledge of:
• + Vulnerability scanning tools (Qualys, Tenable, Rapid7 – with Qualys as primary)
• + CVSS v3.1 framework and risk scoring methodologies
• Experience with:
• + Dashboarding tools (Power BI, Tableau, or similar)
• + Patch and remediation workflows
• Familiarity with:
• + Network and system security concepts
• + Cloud security vulnerabilities (AWS, Azure, GCP)

Soft Skills

• Strong analytical and risk assessment skills
• Ability to translate technical vulnerabilities into business risk
• Effective stakeholder communication and coordination
• Attention to detail with strong follow-through

• Vulnerability Assessment & Analysis

• Risk-Based Prioritization

• CEH (Certified Ethical Hacker)

• CISSP (preferred for senior roles)

Ideal Candidate Profile

• Hands-on experience with Qualys in large enterprise environments
• Strong understanding of risk-based vulnerability management
• Experience preparing executive-level dashboards and board reports
• Ability to collaborate across technical and business teams to drive remediation
• Specialist - Vulnerability Management in Abu Dhabi, United Arab Emirates