Vulnerability Reporting — Develop clear, data‑driven reports on vulnerabilities and associated risks, incorporating impact, likelihood, and prioritization. Summaries should highlight security posture, trending patterns, and remediation progress.
Independent Vulnerability Analysis — Analyze vulnerabilities to identify themes, systemic issues, and potential business impact. Contribute to risk scoring and treatment recommendations.
Scrum & Workflow Leadership — Lead scrums and working sessions to track remediation progress. Maintain Kanban boards and ensure accurate, up‑to‑date visibility into remediation pipelines.
Process & Controls Documentation — Identify and document process gaps, control weaknesses, and systemic contributors to vulnerability risk.
Cross‑Functional Coordination — Partner with Technical Security Advisors to validate remediation plans, confirm status updates, and ensure accuracy of vulnerability records.
Procedure Maintenance — Maintain and refine vulnerability management procedures and supporting documentation.
Special Projects — Participate in security initiatives and perform additional duties as needed.
Microsoft 365 & Copilot Expertise — Strong understanding of Microsoft 365 and Copilot capabilities, including integration and customization.
Educational Background — Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent practical experience.
Security Certifications — Preferred: Security+, SSCP, CISSP, or equivalent—especially for roles assessing risk treatment quality.
Cybersecurity Foundations — Solid understanding of vulnerability lifecycle, risk concepts, and remediation strategies in enterprise environments.
Infrastructure Security Knowledge — Demonstrated experience across infrastructure technologies and services.
Vulnerability Management Experience — Familiarity with identifying, assessing, prioritizing, and driving vulnerabilities to closure or approved treatment.
Scanning & Assessment Governance — Experience supporting or governing enterprise vulnerability scanning programs (on‑prem and/or cloud), including SLA compliance.
False Positive Investigation — Ability to conduct structured investigations and document rationale and decision paths.
Business‑Ready Risk Communication — Skilled at translating technical vulnerabilities into clear business impact statements and concise, approver‑ready risk summaries.
Risk Downgrade/Override Support — Ability to produce auditable, well‑scoped written rationales for downgrade or override decisions.
Data Analysis & Automation — Proficiency in structuring, analyzing, and automating datasets using development frameworks and AI‑driven tools.
Technical Writing — Strong writing skills for audit‑ready rationales, risk acceptances, downgrade justifications, and false‑positive documentation.
Stakeholder Facilitation — Comfortable leading discussions with technical and non‑technical stakeholders to clarify facts and drive decisions.
Attention to Detail — High accuracy in data validation and documentation.
Tooling Familiarity — Experience with vulnerability and posture management tools across cloud and on‑prem environments.
Reporting Ecosystems — Experience working with reporting platforms and dashboards.
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
The Judge Group Inc., is a leading professional services firm specializing in talent, technology, and learning solutions. We consult, staff, train, and solve. Through our work we make people and organizations better. Our services are successfully delivered through a network of more than 30 offices across the United States, Canada, and India.
The Judge Group is proud to partner with the best and brightest companies in business today, including over 60 of the Fortune 100. We serve organizations in financial services, healthcare, life sciences, insurance, government (including aerospace and defense), manufacturing, and technology and telecommunications. If you would like to learn more about The Judge Group visit www.judge.com or call toll free (800) 360-4474.