Johannesburg: Vulnerability Management Specialist posted by Deka Minas (Pty) Ltd

About the Role

We are seeking a Vulnerability Management Specialist with expertise in enterprise vulnerability assessment and management. The successful candidate will play a critical role in identifying, analyzing, and mitigating security risks across organization’s network, applications, databases, and other IT assets. This role requires a deep understanding of security best practices, emerging threats, and industry compliance standards.

Key Responsibilities

• Oversee and coordinate security incident response activities.
• Perform recurring and on-demand vulnerability scanning across on-premises and cloud environments.
• Investigate and resolve security incidents, including targeted threats and internal vulnerabilities.
• Maintain and update documentation regarding threat management, including policies, procedures, and remediation strategies.
• Assist IT teams in designing, implementing, and automating security solutions to mitigate risks.
• Improve and automate vulnerability management processes and reporting.
• Monitor intrusion detection and prevention systems to identify potential security threats.
• Research and assess emerging security threats and vulnerabilities, providing recommendations for remediation.
• Provide technical guidance and support for vulnerability management initiatives.
• Communicate identified vulnerabilities, assess their impact, and recommend appropriate security controls to mitigate risks.

Requirements

• Minimum 3+ years of experience in vulnerability management, cybersecurity, or compliance monitoring.
• Proven experience with vulnerability management, cloud security, and Continuous Threat Exposure Management (CTEM).
• Strong knowledge of cloud security platforms (e.g., Azure, AWS, Google Cloud), vulnerability scanning tools (e.g., Qualys, Tenable, Nessus), and OWASP security standards.
• Hands-on experience in vulnerability scanning, penetration testing, network access control, and/or SIEM solutions.
• Proficiency in the design and implementation of security technologies and controls.
• Experience in IT compliance monitoring and regulatory security requirements.
• Familiarity with data visualization tools for security reporting.
• Strong understanding of security concepts, including cloud computing, automation, networking, and application development.
• Experience managing vulnerability data and automating reporting processes.
• Knowledge of OWASP tools, methodologies, and best practices for application security.
• Proficiency in scripting languages such as Python or Perl to support automation and reporting.

Qualifications

No specific qualifications mentioned in the original job description.