• Application Deadline:
• Position: Vulnerability Management Analyst



• Job Type Full Time , Remote



• Qualification BA/BSc/HND , Professional Certificate



• Experience



• Location Nigeria




• Job Field ICT / Computer 
  
  

Role Overview:

• We are seeking a motivated and detail-oriented  Vulnerability Management Engineer to join our Information Security team. This role is responsible for executing key functions across the vulnerability management lifecycle - from discovery and assessment to remediation tracking and reporting - to enhance the organization’s overall security posture.


• This is an entry-level role designed for candidates looking to build hands-on experience in vulnerability management, working closely with senior security engineers, IT teams, and product teams.

Key Responsibilities

Vulnerability Discovery and Assessment

• Execute and monitor periodic vulnerability scans across internal infrastructure and cloud platforms.


• Conduct periodic scans to support compliance requirements.


• Perform External Attack Surface Assessments on internet-facing assets.


• Assist in validating scan results and identifying false positives.

Analysis, Prioritization, and Reporting

• Analyze Vulnerability scan results to identify security gaps and potential threats.


• Prioritise Vulnerability scan report based on risk severity and business impact.


• Report findings to asset owners and relevant stakeholders for timely remediation.

Remediation and Tracking

• Collaborate with IT, System Administrators, and Product Teams to ensure vulnerabilities are remediated within defined Service Level Agreements (SLAs).


• Track remediation progress and follow up on outstanding vulnerabilities.


• Support implementation of mitigation strategies where immediate remediation is not possible.

Risk Management

• Assist in performing risk assessments related to identified vulnerabilities.


• Support documentation of risks and contribute to mitigation planning.


• Maintain awareness of evolving risk posture across systems.

Security Tools and Technologies

• Support the operation and maintenance of vulnerability management tools.


• Assist in scan configuration, execution, result interpretation and reporting.

Compliance and Standards

• Support vulnerability management activities aligned with standards such as PCI-DSS, ISO 27001, and NIST.


• Assist with audit preparation, including evidence gathering and documentations.


• Ensure scanning and remediation practices meet compliance requirements.

Reporting and Metrics

• Assist in creating dashboards and reports to visualize vulnerability trends, risk posture, and remediation performance.


• Maintain accurate records of vulnerabilities, remediation status, and scan history.


• Communicate findings clearly to both technical and non-technical stakeholders.


• Suggest improvements to scanning, reporting, and remediation workflows.

Support Incident Response & Threat Intelligence Units

• Assist in Incident Response tasks and post-incident analysis when needed.


• Assist in Threat Intelligence tasks from internal and external sources when needed.


• Track emerging threats, vulnerabilities, and tactics used by relevant threat actors.


• Contribute to threat briefings and recommendations for security controls.

Continuous Learning and Improvement

• Stay current with emerging vulnerabilities, threats, and cybersecurity trends.


• Participate in training, labs, and knowledge-sharing sessions.


• Continuously develop technical skills in security tools and methodologies.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.


• Good understanding of vulnerability management lifecycle, vulnerability scanning/patch management tools, SIEM, EDR, CSPM  is an advantage.


• Understanding of networking fundamentals, operating systems, and cloud concepts.


• Strong analytical and problem-solving skills.


• Ability to work collaboratively and willingness to learn.

Preferred (Nice to Have)

• Entry-level certifications such as CompTIA Security+, ISC2 (CC), BTL1, eJPT


• Familiarity with Linux/Windows environments and cloud platforms (AWS, or GCP).


• Hands-on lab, internship, or project experience in security operations or vulnerability assessment.