Cybersecurity Vulnerability Management Specialist

SVAM International
New York, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

New York, United States of America

Tech stack

Microsoft Active Directory
API
Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Bash
BASIC (Programming Language)
Burp Suite
Cloud Computing Security
Computer Security
Information Systems
Databases
Networking Hardware
Python
Kali Linux
Linux System Administration
Open Web Application Security
Powershell
Comptia Pentest+ CE
Red Team (Cyber Security)
Software Vulnerability Management
Web Applications
Scripting (Bash/Python/Go/Ruby)
Information Technology
Metasploit
Cybercrime
Patch Management
Purple Team (Cyber Security)
Network Server
Vulnerability Analysis

Job description

The Red Team Specialist will join Client's cybersecurity team with a primary focus on vulnerability management across the enterprise. The role is responsible for interpreting penetration test reports (largely produced by third-party vendors), driving remediation across system owners, validating fixes, and reporting on the organization's overall vulnerability posture. A working understanding of penetration testing is required so the candidate can credibly translate findings into actionable remediation work, and a limited amount of internal hands-on testing may also fall under this role.

Vulnerability Management (Primary Focus)

  • Own the end-to-end vulnerability management lifecycle: discovery, triage, prioritization, assignment, remediation tracking, and validation.
  • Read, interpret, and operationalize penetration test reports delivered by third-party vendors, translating findings into clear, actionable remediation tasks for system owners, developers, and infrastructure teams.
  • Build and maintain vulnerability dashboards and reports, including CVE tracking, aging analysis, and trend reporting for technical and executive audiences.
  • Use Tanium for vulnerability identification, patch management, and reporting (preferred; training available for the right candidate).
  • Partner with patch management, infrastructure, and application teams to ensure timely remediation aligned with risk severity.
  • Provide guidance on vulnerabilities using a risk-based approach considering ease of exploitation, exposure, and business impact.
  • Validate remediation efforts and confirm vulnerabilities have been effectively closed.
  • Identify opportunities for improvement in tools such as SecurityScorecard and similar external risk-rating platforms.

Third-Party Penetration Test Coordination

  • Manage relationships with third-party penetration testing vendors, including scoping, scheduling, and execution oversight.
  • Apply Client's internal penetration testing framework across the application onboarding lifecycle.
  • Manage deliverables from external testers; review findings, ensure supporting evidence is sufficient, and defend or challenge findings as appropriate.
  • Track and report on third-party testing engagements, including risk, mitigation strategies, and references.

Limited Internal Penetration Testing

  • Note: Internal hands-on testing will be minimal. The candidate should be capable of supporting it but will not perform deep offensive operations day-to-day.
  • Conduct light-touch internal penetration tests and vulnerability assessments of servers, web applications, and databases as needed.
  • Provide spot-checking and validation of existing technical security controls.
  • Communicate technical findings and remediation steps with developers, system administrators, project managers, and senior stakeholders.

Purple Teaming & Incident Response Support

  • Support purple team exercises that bring collaboration between Security, Operations, and Business Units to validate technical controls and remediation effectiveness.
  • Participate in incident response activities, including tabletop exercises and major incident remediation.
  • Provide guidance to the security operations team on adversary techniques and procedures (TTPs) to improve awareness and response times.

Requirements

  • 2+ years of experience in cybersecurity, with a working knowledge of penetration testing concepts and the ability to read, interpret, and act on penetration test reports.
  • Hands-on experience managing a vulnerability management program: prioritization, remediation tracking, and reporting.
  • Familiarity with web application, infrastructure, and basic cloud (AWS and/or Azure) vulnerability concepts.
  • Working knowledge of Windows/Active Directory and Linux systems administration and common vulnerabilities.
  • Familiarity with OWASP Top Ten, NIST, and MITRE ATT&CK frameworks.
  • Working proficiency in at least one scripting language: Bash, PowerShell, or Python.
  • Strong written and verbal communication skills, able to clearly articulate technical findings and remediation requirements to mixed audiences (engineers through senior stakeholders).
  • Demonstrated ability to drive remediation across cross-functional teams.

Certifications (Any of the Following Are a Plus)

  • Practical/offensive: OSCP, eCPTX, eCPPX, PNPT, GPEN, eCXD, CEH, PenTest+
  • Defensive: BTL1, BTL2
  • Cloud security: AWS Certified Security - Specialty or Azure equivalent

Preferred (Strong Pluses, Not Required)

  • Tanium experience: Building reports, tracking CVEs, and supporting vulnerability and patching workflows. Client is a Tanium reseller and uses Tanium heavily; this is a significant plus.
  • CrowdStrike experience: Hands-on familiarity with CrowdStrike Falcon (EDR) is a strong plus.
  • Exposure to penetration testing or red teaming engagements (web apps, APIs, network devices, databases, OS, cloud).
  • Experience with NIST 800-53 and the Risk Management Framework (RMF).
  • 1+ years of SOC and/or incident response experience, with a focus on host data acquisition and threat hunting.
  • Familiarity with penetration testing toolsets (Burp Suite, Nessus, Qualys, Kali Linux, Metasploit, Cobalt Strike) at a level sufficient to interpret vendor outputs.
  • Bachelor's degree in Computer Science, Engineering, Information Systems, or related field.
