Sr. Vulnerability Management Lead in West New York, NJ at Vaco

Date Posted: 8/2/2019

Job Snapshot

Job Description

Vaco is a private-equity backed solutions company that provides consulting, managed services, staffing, and placement services globally. Established in 2002 by "Big 4" consulting veterans, Vaco now has over 40 offices and has worked with over 9,000 clients. We have over 6,000 consultants and been named to Inc. magazine's list of fastest-growing private companies for the past 12 years. Vaco offers boutique services with global reach.

The Vaco Cyber Security team's success relies on the trusted relationships built with our clients. We recognize the challenge organizations encounter improving security, restructuring operations and handling risk while maintaining compliance and keeping costs down. Our information security specialists work closely with organizations to provide the solutions that best match business and security objectives. As a member of the team, you will have the opportunity to utilize and expand your skills through client experience and industry training while collaborating with security professionals across industries. Our team provides the full spectrum of security services to clients including, Strategy & Advisory, Identity & Access Management, Cyber Security Operations, Managed Services, Governance, Risk, and Compliance.

Looking for an exciting career opportunity in Vulnerability Management? Instead of being another faceless resume, let Vaco advocate for you! Right now, we are looking to fill a position for our Vulnerability Management Team. With Vaco, you will have an advantage over your competition! Our information security practice maintains strong relationships with clients, connect your experience with the right consulting project-promoting your strengths to the manager while preparing you for that specific interview.

Our team will provide you with great insight about trends in the market - keeping you up to date on compensation expectations, opportunities to work on exciting, impactful projects, and opportunities for industry training and advancement. If you're an experienced, and you want to partner with the best, apply today!

Serves as a subject matter expert to the vulnerability management program for the business unit, providing procedural expertise to the program. Will work closely with the corporate vulnerability management team to identify threats and vulnerabilities to the organization and coordinate separation activities.

Job Description

In this role you will play a pivotal part of the Vulnerability Management team at a fortune 500 data services firm. The ideal candidate for this role will have Qualys certification, VM and PC module expertise, and will have utilized multiple scripting languages for automation. The candidate will perform the following functions in this role:

  • Configure new Qualys platform subscription including deployment of scan appliances and creation of option profiles, asset groups, scan schedules, report templates, and authentication records in both Vulnerability Management (VM) and Policy Compliance (PC) modules.
  • Create run books for scanning and reporting processes developed within VM and PC modules.
  • Support vulnerability scanning operations by administering existing Qualys platform subscription and executing ad hoc scans as needed.
  • Collaborate and contribute to the automation of scanning and reporting processes where possible.
  • Advise cyber security leadership on the latest vulnerability management trends
  • Work with infrastructure teams on prioritizing patching of vulnerable services
  • Weekly review of progress against the above goals, identification of new goals and summary of activity


  • Bachelor's Degree or at least 5 years of Vulnerability Management and/or cyber security experience
  • Experience utilizing vulnerability scanning tools such as Qualys, Tenable Security Center, Nessus, and Fortify
  • Understanding of vulnerability management methodologies and procedures, as well as application and infrastructure vulnerability scanning solutions
  • Familiar with cyber security frame works such as NIST and ISO 27001
  • Experience in maturing vulnerability management programs with a focus on understanding of risk prioritization
  • Understanding of enterprise architecture and infrastructure (e.g., Server, Network, Workstation, Cloud, etc.)
  • Familiarity with patching processes and the systems used such as SCCM
  • Professional oral and written communication skills
  • Experience implementing vulnerability identification solutions for hybrid cloud environments and containers
  • Strong teamwork and interpersonal skills with a focus on problem solving and troubleshooting