We are looking for a an experienced Vulnerability Management Consultant to join our Cybersecurity Engineering Professional Services team.
The Vulnerability Management Consultant will focus on the organization and management of vulnerability assessments and their life cycles, ensuring comprehensive identification of cybersecurity weaknesses within multiple clients’ IT infrastructure.
The candidate will have the following duties/responsibilities:
- Manage vulnerability assessments across multiple clients’ IT infrastructure;
- Coordinate several vulnerability assessment processes, ensuring thorough identification of cybersecurity weaknesses in clients' organizations;
- Manage and analyze vulnerability assessment results to determine severities, potential impacts, and prioritize vulnerabilities for effective mitigation.
- Work closely with multiple clients’ internal teams to develop and implement mitigation strategies;
- Maintain clear communication and provide continuous updates on vulnerability status and mitigation efforts;
- Provide critical insights to inform decision-making and enhance multiple clients’ cybersecurity posture:
- Stay up-to-date with the latest cybersecurity trends and technologies.
The candidate should have:
- Bachelor’s degree in Computer Science, Information Technology, or a related field;
- Proven experience as a Vulnerability Management Consultant or similar role;
- Experience with industry compliance, regulations, standards, and frameworks related to cybersecurity, such as ISO 27001, NIST, COBIT, or similar.
- Experience in risk management, from identification and evaluation of risks, to developing effective risk mitigation plans, implementing mitigation strategies, and performing ongoing risk monitoring;
- In-depth knowledge and experience with OWASP Top Ten vulnerabilities and their respective remediation techniques;
- Proficiency in IT infrastructures including on-premises systems, major cloud platforms (e.g. AWS, Azure, GCP), and virtualization platforms (e.g. VMware ESXi, Hyper-V, KVM, Docker, Kubernetes);
- Experience with networking technologies (e.g. Cisco, Juniper, F5), server environments (e.g. Windows, Linux, Unix), and desktop systems (e.g. Windows, Linux, macOS);
- Experience with vulnerability assessment frameworks and tools, such as OpenVAS, Nessus, Qualys, or similar;
- Great organizational, analytical, and problem-solving skills;
- Strong sense of ethics, integrity, and responsibility;
- Great communication and teamwork skills;
- Fluency in Portuguese and high proficiency in English.
Nice to have:
- Relevant certifications such as CISSP, CISM, CEH, OSCP or similar are highly valued;
- Experience with specific vulnerability analysis frameworks and tools such as Burp Suite, Metasploit, or similar are highly valued;
- Participation in cybersecurity and vulnerability-related communities, forums, or professional networks.
What we offer:
- Professional development and monitoring talent;
- Commitment to our employees' development;
- Collaboration in a company that is constantly growing and evolving;
- Strong organisational culture: collaboration, sharing, flexibility, integrity and low ego.
Would you like to join our team? Then send your CV.
