Role
The Day-To-Day Activities
Vulnerability Management
• Own the end-to-end vulnerability scanning cycle for infrastructure, endpoints, network devices, containers, and cloud workloads (scheduled and ad hoc).
• Tune scanners, maintain asset groupings and credentialed scans, ensure coverage, and reduce false positives.
• Triage and validate findings; assign severity based on CVSS score, exploitability, business impact, and asset criticality.
• Coordinate remediation with platform, network, and application teams; track SLAs and exceptions; escalate overdue items.
• Manage patch verification and re-scan cycles; maintain a risk-accepted backlog with documented compensating controls.
• Produce executive and operational reports (e.g., vulnerability backlog trend, Mean Time To Remediate, exposure by asset class).
• Integrate vulnerability data into SIEM/SOAR/GRC for correlation and workflow automation where possible.
Security Compliance & Assurance
• Plan and execute periodic compliance checks against internal security policies/standards and external frameworks (e.g., ISO/IEC 27001 and 27002, NIST CSF, CIS Controls, PCI DSS, SOC 2, and MAS TRM or BNM RMiT as applicable).
• Perform control testing, evidence collection, sample-based reviews, and gap analysis; document findings and remediation plans.
• Support internal/external audits and certification activities; coordinate with control owners for timely closure of audit observations.
• Maintain policy-to-control-to-evidence mapping in GRC tools; ensure versioning and traceability.
IT Security Posture Management
• Maintain and enhance security posture metrics (e.g., vulnerability exposure, hardening compliance, privileged access hygiene, endpoint protection coverage, configuration drift).
• Oversee configuration baseline compliance (e.g., CIS benchmarks) for servers, endpoints, databases, cloud services, and network devices.
• Contribute to secure configuration standards and review change requests for security impact.
• Support risk assessments (systems, projects, vendors) and embed posture checks into onboarding and change processes.
• Provide concise, actionable dashboards and briefings to leadership and technology stakeholders.
Collaboration & Governance
• Support vulnerability remediation forums with technology owners; drive issue resolution and risk decisions.
• Work with AppSec, Cloud, IT Ops, and SOC/Threat Intelligence to prioritize remediation based on real-world threats and business context.
• Develop SOPs, runbooks, and playbooks; deliver awareness and training to technical teams.