Vulnerability Management Engineer
Job Description
Responsibilities:
Vulnerability Management
· Manage vulnerability scanner sand agents. Monitor status, plugin update failures, and connectivity issues
· Design and tune scan policies to balance depth (thoroughness) with performance (network impact).
· Triage new vulnerabilities(CVEs) as they are released. Prioritize risks using Common Vulnerability Scoring System (CVSS) scores.
· Ensure all systems remain compliant with security baselines, regulatory expectations, and internal security policies
· Analyse vulnerability reports and recommend actionable remediation steps
User Support & Operations
· Provide Level 2 / Level 3support for incidents and service requests
· Work with system owners, app support, developers, and infrastructure teams to coordinate patch deployment during pre-approved weekend maintenance window and verify post-patch stability
IT Service Management
· Understands ITIL processes for Incident, Problem, Change Management
· Create and update tickets with detailed documentation and resolution steps
· Maintain SLAs and ensure timely ticket resolution
Documentation & Knowledge Management
· Create and maintain technical documentation, knowledge articles, and standard operating procedures (SOPs)
· Maintain runbooks for common operational tasks
Required skills and qualifications:
· Singaporeans By Birth only(Public Sector Client)
· Degree in Computer Science, Computing, Electrical Engineering, IT or equivalent with at least 2-4 years’ experience in vulnerability management, system programming
· Practical experience with vulnerability scanning tools(Tenable or Qualys or Rapid 7).
· Ability to interpret vulnerabilities across Windows Server, RHEL, and Network Infrastructure (e.g. Palo Alto)
· Participate in 24/7 standby rotation to provide operational support
Preferred skills and qualifications:
· Experience with scripting(PowerShell, Bash, Python) for automation
· Experience with Dynatrace
· Knowledge of cloud computing(Amazon Web Services preferred)