Senior Vulnerability Specialist to assess current state, build, remediate and ensure overall compliance of systems & networks for MSSP transformation p

Our client is looking for a Senior Vulnerability Specialist to assess current state, build, remediate and ensure overall compliance of systems & networks for an MSSP transformation program.

This role requires you to be onsite 3 days/week with flexibility in Calgary or Edmonton.

Must Haves:

• 7+ years' overall experience working within Cyber Security with a focus in Vulnerability Management and Information Security
• Experience with vulnerability management scoring system & frameworks such as: CVSSv4, CVE, NVD
• Experience transitioning security services from an MSSP to in-house
• Experience with vulnerability management tools and technologies such as: Nessus, Qualys, Rapid7

Nice to Have:

• Certifications such as: CISA, CSAM, GEVA, CVA etc.

Responsibilities:

• Support the cybersecurity transformation program which includes Managed Security Service Provider (MSSP) transition to in-house resources, as well as implementation of new capabilities (administrative and technical) to improve the overall cybersecurity maturity
• Current State Assessment: Conduct thorough assessments of the existing vulnerability management processes and tools to identify strengths, weaknesses, and areas for improvement.
• Solution Deployment: Implement and configure vulnerability management tools, with a preference for Qualys, to meet project requirements.
• Vulnerability Assessment: Perform regular vulnerability scans and assessments to identify security weaknesses in systems and networks.
• Remediation Planning: Develop and execute remediation plans in collaboration with IT and security teams to address identified vulnerabilities.
• Monitoring and Reporting: Continuously monitor the status of vulnerabilities and provide detailed reports on remediation progress and risk posture.
• Compliance: Ensure that vulnerability management practices comply with regulatory requirements and industry standards.
• Incident Response: Assist in the response to security incidents, leveraging vulnerability data to understand and mitigate threats.
• Documentation: Build & create and maintain comprehensive documentation of vulnerability management processes, findings, and remediation actions.
• Stakeholder Collaboration: Work closely with project stakeholders to ensure effective vulnerability management and communication.
• Training and Support: Provide training and support to the Security Operations Center on vulnerability management best practices and tool usage.